The first tenet of the RID Code of Professional Conduct (CPC) states that interpreters “adhere to standards of confidential communication” by locking file cabinets and shredding paper. However, what happens to data that resides on an interpreter’s smart phone calendar, in an email saved to a browser’s cache, or on discarded networked servers? When such items are lost, stolen, or discarded, will traces of data betray the privacy of our clients? Even deleted files are easily recovered with minimal effort (Brandt, 2006).
Such data leaks have real impact on organizations and individuals. After the 2008 presidential election, the McCain-Palin campaign sold surplus equipment, including Blackberries that contained “campaign related emails” (Doctorow, 2008). In January 2009, a man living in New Zealand purchased a used iPod over an auction site, only to find it contained sensitive military documents (Etherington, 2009). In May 2009, researchers reported they found sensitive data from hard drives “purchased from fairs and auctions” (Flatley, 2009).
As interpreters, do our habits threaten the confidentiality of our clients? That is, while we may safeguard our clients by following the first tenet and its example behaviors, do weak digital habits such as carelessly discarding equipment and weak passwords leave client information at risk of discovery?
The CPC already dictates how one is to guard client privacy with interpersonal communication and paper documentation. However, no documentation was found advising interpreters how to handle information once it becomes digital. This information is stored and transmitted by means over which we have little control, and often, little knowledge of its path.
The severity of risk is found in how much client information is transmitted and stored. When an interpreting agency acts as a service broker, that data arrives at the agency via a phone, fax, email, or online form submission. If the agency uses a scheduling system, that information is saved to a central database. Interpreters check their schedules through computers or mobile smart phones. When contracting businesses contact a freelance interpreter directly, details are exchanged over the phone or email. The interpreter saves assignment information to his schedule in a mobile device or online calendar. At this point, there is client data saved on servers hosting the agency’s scheduling application and on devices, including smart phones or personal computers, used by the interpreter to access this information.
In order to see whether the interpreting profession was at risk of leaking client data, I asked colleagues on Gallaudet’s campus, various RID state chapters, and other interpreters in the DC area to circulate the URL of a four page on-line survey.
The first page asked participants their setting type, how long they have interpreted in a professional capacity, the number of hours per week they work, which certification status they hold, and how they typically receive assignments. Page two asked if their agency uses a web-based scheduling program. Page three, shown only if the previous question was marked as true, asked about the dynamics of the scheduling system including the amount of client information held in the system, if access was secured, and if the system used email notifications. The final page asked about their personal technical habits. Three targeted questions inquired if participants used a password manager, if they sold equipment second hand, and if their email account was compromised, would someone find assignment-related information.
Results and discussion
Fifty-five responses were collected through January 2010. Those responses represented multiple work settings, with freelance as the highest. Some respondents kept weekly assignment schedules on their Smart phones (38%). Others used a paper planner (33%), an agency’s scheduling system (18%), or a web-based calendar (13%). Some used multiple methods. Most respondents (74%) use a smart phone and just over half check email using that device. Sixty-percent receive assignments through email. Mobile devices may still hold assignment-related information that could be seen by outside parties if the device is lost, stolen, sold, or discarded.
Of the subset of respondents who work with a web-based scheduling system, over half were either happy or very happy using these systems. An overwhelming majority felt the system held just the right amount of information on the client. This is an important figure because the risk increases if too much client information is stored and subsequently compromised. However, the respondents may have read this question in reference to the system providing enough information regarding the specific assignment (Peruzzi, 2010). The survey meant to ask if a deaf client could be easily identified if the system was compromised.
Just under three-quarters reported they could easily change their password. The remaining reported that it was either too hard or they did not know how. This is somewhat disturbing as most authorities encourage frequent password changes (Brentnall, 2007). The combination of the system permission levels and poor rules regarding log-in credentials could leave data vulnerable.
Though most report that their online scheduling system uses a secure connection, about 66% report that those systems also used email notification. Email is typically sent “in the clear” without encryption and may fall victim to eavesdropping (Brynko, 2008). This risk, again, depends how much client information is transmitted.
Only 11% report using a password manager. When asked if their email account was compromised, twenty-five present of the respondents report that assignment details related would be revealed. Forty percent say no assignment details would be revealed. Thirty-five percent said that assignment details may be discovered, but that nothing too sensitive would be revealed.
Technology is a daily part of both an interpreter’s job and the operations of agencies. How then might individuals and agencies take steps to mitigate the potential of leaking client data?
Data in transit
Danger mainly exists in three primary areas. First, data transmitted over the Internet or other network may be intercepted, read, and saved if it is not encrypted. Unencrypted information, also known as information passed in the clear, leaves traffic open to eavesdropping. Such traffic may contain log-in credentials to email accounts or web-based scheduling systems.
To guard data in transit, use encrypted connections. In web browsers, be sure that web addresses start with “https” (Hypertext Transfer Protocol Secure). This signifies that the browser traffic is secure (encrypted), making eavesdropping on the traffic very difficult. Industry vigilance is increasing. For example, Google defaulted Gmail sessions to a secure connection “a few hours after [they] disclosed that it had been the victim of sophisticated online attacks, including assaults on the Gmail accounts of Chinese human rights activists” (Richmond, 2010).
For agencies, web based communications should be secured from a central point. System administrators or IT consultants are able to set secure, encrypted connections to enterprise level email systems and web-based solutions. Remote connections to office computers can be secured by implementing a Virtual Private Network (VPN).
Lost, stolen, or discarded equipment
The second danger relates to lost, stolen, or discarded hardware that still contains sensitive information. This is when a malicious individual obtains physical access to hardware. This may include decommissioned servers and office computers where hard drives and backup tapes are not properly wiped or destroyed (Berinato, 2005). Examples of discarded data have grown. In 2003, Kentucky disposed of servers that listed individuals who tested positive for AIDS and other STDs, and in 2005, Montana “disposed of hard drives that still had Social Security numbers and medical records” (Berinato, 2005).
Any device on which an interpreter checks email or views an online schedule now carries a copy of that information. Smart phones can be lost or stolen. Old computers might be tossed into an an open dumpster or sold over Internet auction or classified sites. Lost, stolen, and discarded equipment may reveal secrets. Australian newspaper The Sunday Telegraph reported how a team of engineers scanned a sim card from a reporter’s phone. They found “the owner’s date of birth, home address, brother’s name and high school attended – all from deleted messages” (Squires, 2009).
To protect portable devices, interpreters should avoid saving sensitive information in the first place (Mills, 2010). However, that may not be practical. You can balance this by using the device’s pin lock feature where by one must enter a pass-code at the start screen. That way if a phone is lost or stolen, the pin lock will hinder anyone from casually coming across sensitive information. Encrypt the data. If someone tries to scan the device’s memory, the scrambled data will stymie their efforts. Before a phone is lost or stolen, learn how to remotely wipe a phones contents (Frakes, 2009).
To protect desktop and laptop computer systems, the same advice holds: encrypt data and wipe hard drives before decommissioning equipment. The encrypted file system can be managed by the current operating system transparently from the user’s view (Lemos, 2009). On modern operating systems, most of the time “encrypted data is completely inaccessible without the decryption key” (Lowman, 2010). That means, turning on your computer’s encrypted file system helps you protect information from prying eyes with minimal effort, assuming one uses a strong password.
Before old hardware is sold or decommissioned, wipe the hard drive by using a utility such as Darik’s Boot and Nuke (DBAN) (Brandt, 2006). Deleting a file does not actually remove information from your computer’s hard drive. It merely permits that space on the disk to be used for another file at a later time. Wiping a hard drive on the other hand, overwrites an entire drive with meaningless data. Should someone try to recover deleted files, wiping provides another layer of difficulty.
Finally, a person’s own habits may be a weak point. Simple passwords are too often used and are easy targets for brute force attacks (Brentnall, 2007). Poor examples of top passwords include “123456,” “12345,” “123456789,” and “password” (Vance, 2010).
In late 2009, a Twitter.com employee account was compromised and company information leaked (Fitzgerald, 2009). A hacker launched a brute force attack on the site and gained access to an account by using the password “happiness” (Zetter, 2009). After discovering the compromised account had administrative privileges, he reset other user passwords and gained further access (Zetter, 2009).
To protect against such types of attacks, one should use strong passwords made of complex patterns of alphanumeric characters of mixed case, salted with special characters and punctuation marks. For example, “happiness” would not have been such as easy target had the employee used “H@pp+1n3ss!!.” In this example, I simply substituted punctuation marks and numbers in place of some letters and added a plus in the middle of the word. I can remember that the password is close to “happiness” but the substituted characters make it harder to guess.
To ease managing multiple usernames and passwords, use a password manager. These programs organizes a list of web address and corresponding usernames and passwords. This list is saved to an encrypted data file locked down to a single, strong password that you create. By using these programs, you only need to remember one strong password in place of a dozen simpler ones.
Other dangers do lurk; however, these three are easily addressed. While there is no fool-proof method to protect oneself, employing certain techniques can make you a more difficult target. Though not discussed in this article, it is highly recommended to use standard practices such as anti-virus software and your operating system’s firewall.
From the responses, there are some issues to address. Agencies would benefit from reviewing their IT policies to balance security and client privacy while permitting their employees operate easily and efficiently. Web-based scheduling software should be accessed only over an encrypted connection. Agencies should also explore deploying a Virtual Private Network (VPN), which permits employees to access office resources over a secure connection.
Staff and freelance interpreters would benefit from using techniques mentioned in this article: pin locking mobile devices, using encryption on their personal computers, devices, and email, and wiping devices and computers before they are sold, donated, or recycled.
It is also important to remember that technology is only part of the solution. Along with the protective measures listed above, the key is the amount of client information recorded in the first place. The amount should balance between giving the interpreter enough detail to do the job while not releasing private client information to unprotected channels.
As technologies mature and their use expands, the requirements and due diligence demanded by law will not be far behind. Legislation is now moving through Congress. The House is considering HR 2221, The Data Accountability and Trust Act, that would “provide a uniform notification policy, require the Federal Trade Commission (FTC) to develop standards for data security, require data brokers to provide individuals with access to their personal records and to correct any errors, and allow the FTC and state attorneys general to initiate lawsuits against companies for noncompliance” (Pike, 2009). The Senate is similarly considering Personal Data Privacy and Security Act of 2009, S. 1490 (Morphy, 2010).
Our profession should watch industry trends and the Congressional debate. Data leaks have real-world consequences. It would be wise to add guidelines to the first tenet of the CPC, establishing a minimal standard on how we should keep, protect, and dispose of client information carried saved to digital storage devices and sent through various channels. This would only demonstrate our respect for our clients’ privacy and demonstrate a keenness to maintain that trust.
Berinato, S. Green IT: What to Do When It’s Time to Get Rid of Old Hardware. CIO. Oct 1, 2005 – v. 19, no. 1, pg 66. http://www.cio.com/article/12563/
Brandt, Andrew. (2006, February). Make Sure Your Old Computer Tells No Tales. PC World, 24(2), 38.
Brentnall, Vicki. (2007, April). How to pick a pA5sw0rD. Medical Economics, 84(8), 49-51.
Brynko, B. (2008, June). Locked Envelope: The Alarm for Email. Information Today, 25(6), 42.
Doctorow, Cory. McCain-Palin campaign dumps Blackberries loaded with personal numbers, internal email. Boing Boing. Posted December 13, 2008. http://boingboing.net/2008/12/13/mccainpalin-campaign-1.html
Etherington, Darrell. Gently Used iPod for Sale, Comes Complete With Military Secrets.Salon.com. Posted January 27, 2009. http://www.salon.com/tech/giga_om/mac_love/2009/01/27/gently_used_ipod_for_sale_comes_complete_with_military_secrets
Fitzgerald, M. (2009, November). Technology: They knew the magic word. Inc, 31(9), 114,116.
Flatley, Joseph. Study finds that Lockheed Martin needs to stop disposing of hard drives with top secret data intact. Engadget.com. Posted May 7, 2009. http://www.engadget.com/2009/05/07/study-finds-that-lockheed-martin-needs-to-stop-disposing-of-hard/
Frakes, Dan. Inside iPhone 3.0’s Remote Wipe feature: How long a wipe takes—and how secure it is— depends on which device you use. Macworld.com. Posted July 15, 2009. http://www.macworld.com/article/141605/2009/07/remotewipe.html
Lemos, R. (2009, January). Use Encryption to Safeguard Your Data. PC World, 27(1), 47-48.
Lowman, Sarah. The Effect of File and Disk Encryption on Computer Forensics. Posted
January 2010. http://lowmanio.co.uk/share/The%20Effect%20of%20File%20and%20Disk%20Encryption%20on%20Computer%20Forensics.pdf
Mills, Elinor. Using your smartphone safely (FAQ). CNET News. Posted January 5, 2010. http://news.cnet.com/8301-1009_3-10424759-83.html
Morphy, Erika. Creepy Ways Your Social Media Data Can Be Used. TechNewsWorld. Posted January 21, 2010. http://www.technewsworld.com/story/69158.html
Pike, G. (2009, December). Congress Debates Data Breach Legislation. Information Today, 26(11), 17,19.
Peruzzi, Meredith, CI/CT. Personal INTERVIEW. January 2010.
Richmond, Riva. Google Upgrades Security on Gmail. New York Times’ Gadgetwise Blog. Posted January 13, 2010. http://gadgetwise.blogs.nytimes.com/2010/01/13/google-upgrades-security-on-gmail/
RID. Code of Professional Conduct. http://rid.org/ethics/code/index.cfm
Squires, Rosie. XRY forensic device finds secrets in your mobile phone. The Sunday Telegraph.Posted October 25, 2009. http://www.news.com.au/technology/xry-forensic-device-finds-secrets-in-your-mobile-phone/story-e6frfro0-1225790941671
Vance, Ashlee. If Your Password Is 123456, Just Make It HackMe. New York Times. Posted January 20, 2010. http://www.nytimes.com/2010/01/21/technology/21password.html
Zetter, Kim. Weak Password Brings ‘Happiness’ to Twitter Hacker. Wired Magazine’s Threat Level. Posted January 6, 2009. http://www.wired.com/threatlevel/2009/01/professed-twitt/#ixzz0ehNBJXmw