Why does Privacy Man appear to be hovering outside the window of a private office?* Image: Transportation Security Administration

One is characterized by extraordinary wealth, endless adoration and a certain place in history. The other endures grinding repetition, virtual anonymity and paychecks that seem to graduate at the slowest pace humanly possible over a period of decades.

Celebrities and low-level bureaucrats couldn’t exist farther apart from one another. So perhaps it’s no surprise that government employees can’t fight the urge to pry into the private lives of high-profile figures using something they do have: access to vast digital repositories of sensitive personal information.

No amount of specialized training and threats of criminal prosecution seem capable of slowing the stories that emerge periodically and predictably of another government worker getting into trouble for drawing up private records not just on Hollywood actors, rock stars and political candidates, but everyday people, too.

Police employees in Massachusetts searched for personal details on NFL athlete Tom Brady nearly 1,000 times. In Tennessee, a probation officer allegedly checked up on his neighbors. One border protection officer scanned for family members and drug traffickers he knew from working at a Tequila Frogs in Juarez, according to court records. The man purportedly did it using a network that contains anti-terrorism intelligence records and more, known as TECS.

Each time State Department clerk Brooke Reyna logged onto to the federal government’s PIERS database, an automated warning reminded her that the system was for official use only and unauthorized searches were a violation of federal law.

Reyna was also informed that her activity on PIERS was subject to monitoring by the State Department and law-enforcement officials. But none of that apparently bothered Reyna, according to a federal grand jury indictment filed earlier this year in New Hampshire.

Federal Indictment of Brooke Reyna

Short for the Passport Information Electronic Records System, PIERS contains consular documents dating back to the 1970s, as well as all imaged passport applications since 1994. Specifically, it houses full names, dates and places of birth, phone numbers and current addresses, plus parental and spousal information.

Prosecutors allege that Reyna on 300 occasions looked up passport applications for “celebrities, actors, reality-television contestants, television personalities, musicians, models, athletes” and their families. News accounts say the sister of tabloid fixation Lindsay Lohan was among them.

“Defendant Reyna had no official government reason to access and view these passport applications,” the indictment reads.

PIERS is exactly the type of electronic system that worried critics who pushed for Congress to pass the Privacy Act all the way back in 1974. As government began compiling greater and greater volumes of private info on individual Americans in massive data Walmarts, there would have to be safeguards put in place to protect it from being misused.

The Department of Homeland Security, with its multitude of databases, even came up with a mascot to teach bureaucrats the need for responsibly handling personal information known as “Privacy Man.” He dons a superhero mask and costume. (We can’t make this stuff up, folks. The poster above was obtained from DHS.)

Government employees nevertheless have more opportunities today than ever before to dig deep into the lives of everyone else. And they do.

Minnesota’s Department of Public Safety disciplined two workers during 2008 for conducting inappropriate searches on hundreds of the state’s residents, including several notable figures, in a driver’s license database. That system reportedly didn’t list social security numbers, but it did contain home addresses and other private data.

In the Massachusetts case, law enforcement personnel across the state were caught last year improperly pulling up records on public figures hundreds of times – everyone from actor Matt Damon to musician James Taylor, in addition to Patriots quarterback Tom Brady. Although access to the data portal involved was supposed to be restricted, it had as many as 25,000 users in Massachusetts and enabled the retrieval of names, birth dates, social security numbers and criminal backgrounds, as well as driver’s license and vehicle information.

Some observers may find it difficult to muster sympathy for the rich and famous, but such scandals aren’t limited to the highest-profile people.

Another Customs and Border Protection officer pled guilty in 2008 to accessing TECS over 100 times while spying on his girlfriend, who frequently crossed the border from her home in Mexico. He was also accused of lying to FBI agents about his use of TECS.

Officials praised a new criminal-justice database in Tennessee that allowed police easier access to records for more quickly resolving investigations, a trend that swept the country after Sept. 11 when officials sought to better collect, analyze and share critical intelligence about possible terrorists. But the Nashville Tennessean found in 2008 that hundreds of law-enforcement agencies were given the keys to it with poor oversight.

Two highway patrolmen were reprimanded for backgrounding their families and ex-spouses, a county commissioner reportedly looked up info on fellow politicians and municipal officials, and a police lieutenant was fired amid accusations that he conducted wrongful checks on nearly 200 people, many of whom were women.

The most worrisome discovery in Tennessee, however, may be that nearly four decades after Americans became aware of a need for laws like the Privacy Act, authorities didn’t consider the protection of sensitive data a top priority.

According to the Tennessean:

The idea of preventing abuse or devoting extra resources to training was not a focus during the creation of the system. ‘Maybe we should have emphasized it more or made a bigger deal about it in retrospect,’ said David Raybin [a Nashville attorney who helped with the data portal’s development]. ‘I don’t want to say it was a mistake, because there is no system you can design that is 100-percent foolproof. You can train from today until tomorrow, and at the end of the day it requires a certain amount of trust of the law enforcement officers.

*A TSA official followed up after we posted to say the building Privacy Man is repelling from is actually the agency’s headquarters.

Creative Commons License

Republish our articles for free, online or in print, under a Creative Commons license.

G.W. Schulz is a reporter for Reveal, covering security, privacy, technology and criminal justice. Since joining The Center for Investigative Reporting in 2008, he's reported stories for NPR, KQED, Wired.com, The Dallas Morning News, the Chicago Tribune, the San Francisco Chronicle, Mother Jones and more. Prior to that, he wrote for the San Francisco Bay Guardian and was an early contributor to The Chauncey Bailey Project, which won a Tom Renner Award from Investigative Reporters and Editors in 2008. Schulz also has won awards from the California Newspaper Publishers Association and the Society of Professional Journalists’ Northern California Chapter. He graduated from the University of Kansas and is based in Austin, Texas.