Arrested Due To A Database Error

from the doesn't-sound-like-fun dept

Well, here’s a story that combines a few different things we’ve seen lately, from police (and star basketball players) raiding the home of the wrong person due to a faulty IP address to the fact that all these big data mining companies often have wrong info about you, including incorrect criminal records. In this case, a guy who got a job as a security guard as a retailer ended up spending a week in jail after the company did a background check on him and data mining firm Choicepoint (whose name became well known when they sold info to a group of identity theft scammers) incorrectly found that there were arrest warrants out for this guy for child molestation and rape. The problem was that the guy had been a victim of identity theft earlier, and while he had reported it, Choicepoint didn’t take that into account. It’s somewhat amusing (if disturbing) that a firm that had sold data to identity thieves later was unable to fix the false data in someone’s file that was due to identity theft. Still, at what point do people realize that a single piece of data from these unreliable sources just isn’t enough to arrest someone? Update: A Choicepoint employee in the comments points out that this happened a few years ago, and that Choicepoint was fine over it. He then accuses us of making the same mistake as Choicepoint in not following up to get the latest details. Of course, there’s a bit of difference. No one went to jail when our story was a bit out of date.


Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Arrested Due To A Database Error”

Subscribe: RSS Leave a comment
36 Comments
ScaredOfTheMan says:

Just tell me why he can’t sue? Someone please explain to me, why the victim of Identity Theft, or Incorrect info cannot sue this company (for negligence or slander or something)?

I recalled reading the fact the identity theft victims were not able to sue, since they had no direct contract or relationship with the Data collection agency.

CP Employee says:

Re: Did He Sue Choicepoint

Yes, I’m biased. Yes, you probably hate the company I work for. Yes, they screwed up big-time…..almost a year and a half ago and have paid for it. There was the public cost in the FTC fine, and the non-obvious cost in outlays to comply with the rest of the FTC order as well as the internal changes that have taken place to go above and beyond said order.

Given that this “story” is focusing on an event over a year old (see link above), aren’t you just doing the same thing CP did by not following up?

Mike says:

Re: Re: Did He Sue Choicepoint

Yes and this kind of negligence is not just a “mistake” it destroyed the guys life, and your company should be forced to close, as it obviously cannot be trusted with anyones information, the fact that it was a year and a half ago is irrelevant, just more proof that citizens have far less rights in the US than companies do, and democracy has been dead for years. Might as well move to China.

CP Employee says:

Re: Re: Re: Did He Sue Choicepoint

Close down the company and put over 4000 people out of work because of an admittedly large mistake? Heck, even call it a series of mistakes. Does that still mean that a greater number of people should lose their jobs than were actually affected by the mistake?

Should we shut down AOL because they released search information that allowed individuals to be identified and tracked down? Since how long ago something happened is irrelevant, should we shut down McNeil Pharmaceuticals because they didn’t have good enough security in place to prevent someone from adding Cyanide to Tylenol resulting in consumer deaths? Since you seem determined to shut down a company when one person’s life is “destroyed”, how about every company who unjustly or illegally fires an employee. How about every company that fails to protect it’s employees from harassment? The list of examples is near infinite.

You say that Mr. Calderon’s life was destroyed, but when did that actually occur? In searching for additional information to see something other than “spent a week in jail”, I found this article at eWeek: Garbage In, Garbage Out of Control

According to that one, the week in jail was back in January of 2002. Now we’re talking about an incident over four and a half years ago. At what point do we stop just blindly accepting what is posted on the ‘Net as fact and actually doing some research? In my searching, I never did see any follow-up on Mr. Calderon. What happened after the week in jail? Is he currently employed? Did he sue CP? Like I said before – how about a little follow-up?

??? says:

Re: Re: Re:2 Did He Sue Choicepoint

OMG.

Do you seriously think 4000 people’s jobs are worth being thrown in prison, marked as a child molester and very likely made someone’s bi-atch?

I don’t necessarily agree that the business should be closed, bu that statement blows my mind.

You, sir, have placed far too little value on the dignity of the Human Being.

Sure, 4,000 folks without jobs sucks. At least they can get new jobs. Kinda hard to do that bent over Bubba in prison, eh?

chris (profile) says:

Re: Re: Re:2 Did He Sue Choicepoint

Since you seem determined to shut down a company when one person’s life is “destroyed”, how about every company who unjustly or illegally fires an employee. How about every company that fails to protect it’s employees from harassment?

it’s been a few years since the dot com crash, so my experience may be a little out of date, but when i was laid off there was very little chance of getting raped and/or shanked in the unemployment line. being an accused child molestor in prison is another issue.

tell you what, spend the night in a minimum security lockup and tell me if your life will still be the same.

CP Employee says:

Re: Re: Re:3 Did He Sue Choicepoint

Funny, I had a pretty bad experience when I was laid off in 2001

– Lost my car
– Lost my house
– Had no medical coverage and couldn’t go to the doctor when I got the flu (no free clinics in the area)
– Lost 50 lbs due to not enough money for food (20 lbs UNDERweight)
– Almost lost my wife and kids

In a way, CP saved my life by offering me a nice job in an area where I could do the work. Yes, they took a chance on me as I was a credit risk, but I had the skills they needed at the time and have proven myself a valuable employee. So, yes, I didn’t get a shiv in the back or make any nice friends in the shower, but I wouldn’t exactly call unemployment a walk in the park.

It’s easy for any of us to say “It was only a week” or “Just get a new job”, but until you actually walk a mile in someone else’s shoes, you really have no idea how bad it could be. Could CP have had better policies and procedures in place 4 1/2 years ago when this happened? Yes. Could the police department that did the arresting have done a better job of checking their facts? Yes. Could Fry’s have done a better job of handling the results of the background check? Yes.

Also, please don’t confuse what I post as a complete defense for the company. I agree with the fact that they passed on incorrect information. However, does anyone have any idea where they GOT that information? Maybe the source is the problem. How about the police department that arrested Mr. Calderon? Did they bother to check his story? It would be nice to have many more facts than just the ones that make for a good story.

EdB (user link) says:

Re: Re: Re:4 Did He Sue Choicepoint

3 years out of work. No prison time. Your company sucks and should have been shut down. Since that didn’t happen each and every victim of your company should be able to collect for damages. Not sue because fault has already been shown – just collect.

For defending your company YOU should be shot.

Nobody Special says:

a simple fix

The simple fix would be to codify something to the tune of a $!0,000 fine for each error, plus damages.

As to the comment about not following up – what did CP do to fix the problem? Do they have a time machine to travel back and make it right? You can’t fix the fact the guy spent a weekend in jail.

We are assuming that the error had been fixed in the database police use as well. If not, then the department that left his name there should be on the proverbial hook as well. Though honestly, I think that the department detaining him over a weekend should have some liability here as well.

Tack (user link) says:

The lion's den

Mr. CP Employee,

The story of Daniel and the Lions Den only worked due to two things:
1) He wasn’t given a choice before being thrown into the den. (God doesn’t intervene and save your rear if you’re just trying to be a hero.)
2) He didn’t get eaten. (Otherwise, the story probably wouldn’t be in the bible at the least.)

Your problem sir is that – regardless of the age of this story – you have voluntarily jumped into the lion’s den. Should you now be eaten alive, where should we send your old IP address?

To be honest, I don’t believe anything I read online anyway, and typically I give more weight to stories which themselves say “this story may be false and totally incorrect, but as we understand it…” so I myself would never trust your site, even if it had not had these issues. I mean, we’re talking about a person’s entire life. Did it ever occour to you that maybe this security guard got the job he has because he’s trying to do something for the greater good after falling victim to Identity Theft himself? Did it occour to you that maybe that entire spirit of “I can’t fix my problem, but I can keep others from having it!” might be the sole reason this man got a job as a security guard? Perhaps this person might have a terrible mental relapse of some kind now. I mean, if he hasn’t sued you, he certainly should. Yes, I’m biased due to my own mother being a lawyer, and that may make them hate me or my mother (sorry, I don’t work for her, so I can’t match your line exactly) but I can tell you that it’s a good thing she does corperate law and that this stuff didn’t occour in Alabama 5 years ago, or else somebody in the state senate (likely on your company’s payroll) would need to introduce some new lawsuit caps.

Insult to injury? Nah, I think more like rubbing the insult in the poor man’s face before injuring him then sticking the insult in the fresh wound.

In any case, give Techdirt a year to follow up on the story. It took them a year to publish it, so give them a year to correct it. After all, nobody would expect your company to correct something in less than a year after you got it wrong, now would they?

CP Employee says:

Re: The lion's den

Actually, I guess I should give them four and a half years to follow up. See my reply above.

As for the lion’s den, I expected that. I get this sort of reaction frequently. I take solace in the fact that I was not an employee until after even the aticle linked in this thread and was not part of the problem. I do what I can to point out where problems can arise and even though I just work at a subsidiary, do what I can to make things better.

Trouble Maker says:

two cents worth

If an arrest is culminated due to the information that is provided by a database and the information is incorrect, two actions should take place; first the Law Enforcement Agency that acted on the information without verification with another source is just as guilty as a company that maintains a database that contains incorrect data. Second; the company that maintains the data has to be held responsible for the information they maintain.

It is a matter of libel. Just as the National Tabloids are accountable for the UN-truths that they perpetuate, and this holds true for you and I, so they must be held accountable for their actions.

Imagine a Bank not being held responsible for the account database.

Or your phone company, not being held responsible for their data bases and just charging customers whatever they feel like it.

Yet, when a SPAM company in Illinois gets pissed off at a Spam Shield reporting company in the UK can be sued for the data in their database, then we have to hold everyone accountable.

CP Employee says:

Re: two cents worth

Actually, this is a well thought out argument and, to be honest, I agree. If a company libels you (even if I do work for them), they should be accountable just as John Q. Public could be held accountable. The drawback is that chances are high-priced lawyers have to get involved. For his sake, I hope Mr. Calderon found a contingency lawyer to represent him if he did decide to go this route.

anna says:

Good thing he didn't get sent to LA Jail

If the guy had been sent to LA County Jail, chances are he would have ended up dead. The worst thing that can happen to a man is to be charged and jailed on a charge of rape or child molestation, because inmates have their own code of moral conduct. F— Choicepoint. They’ve ruin people’s lives with their greed and incompetence.

balek says:

dig a little

Did a small bit of googling and found this: Calderon filed suit against Fry’s over the incident. He was in the awkward position of having to prove he was a different Steve Calderon than the one who fellow employees said, according to court documents, had committed rape and child molestation.

Fry’s and Calderon settled. But has the judge or any lawyer tried to protect this Calderon from the eyes of the “other” Calderon? Or prevent reuse of his personal information by anyone else?

No. Quite the contrary. On file, open to the public, is Calderon’s California driver’s license, Social Security card and a cancelled check, with the routing code for drawing money out of his bank account

See for yourself: http://www.findarticles.com/p/articles/mi_zdbln/is_200506/ai_n13640138

CP Employee says:

Since I'm in the update...

Before I get mis-quoted some more let me state some points here:

– I was not an employee of CP prior to the admission of the data breach
– I am not an official representative for the company
– I AM a little dismayed to see people focus on the past rather than the present, but understand that this is a sensitive area
– I comment when I see statements or comments that imply to me that someone has not thought the issue through and is only reacting to part of the story
– Am willing to take whatever flaming I will get as a result of my employment as long as people are willing to accept that there are always multiple sides to a story – something I see forgotten a lot when dealing with sensitive issues

All that being said, I feel that CP has come a long way since early 2005. For those asking about the details of the FTC order, check the FTC site. I don’t know if I’m allowed to talk about the details or not, so I err on the side of job preservation… 🙂

Nobody Special says:

CP responsibility

The problem was not that CP received bad information. The problem is that CP (and others in the business) often fail to include all relevant detail. For instance, in this case, they failed to maintain that the guy had been the victim of identity theft.

But they are quite guilty of including information they should not. For instance, they routinely include information about charges having been brought even after a person is acquitted of said charges. And the reason is quite simple – they answer to the people who want them to carry dirt. It is better for them to give a falsely negative report then a folsely positive report. And so they will error on the siade of negative whenever possible.

Ledi (user link) says:

Re: CP responsibility

In the past or not, a mistake of this caliber inside the intelligence community would have seen investigaotrs, factcheckers, and their supervisors jobless and prpbably short one security clearance.

Information in exchange for money is rarely accurate. and I fail to see how any of these companies benifit anyone but themselves.

There are many companies that will accuratley collect information for private companies, for failure to do so would cost them government contracts. Quite unlike a company that would release sensitive information to nigerian criminals.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...