RealTime IT News

Contractor Nailed Over Passport Snooping

A State Department contractor has been slapped with a fine after pleading guilty to looking at the passports of more than 50 celebrities -- including President Obama's, then a U.S. senator -- by using the government's Passport Information Electronic Records System (PIERS).

The U.S. District Court for the District of Columbia this week fined Gerald Lueders a total of $5,000, the maximum allowed in his plea agreement.

Perhaps the most disturbing aspect of this case is that a longtime employee -- one who was already collecting retirement and had a lot to lose -- behaved irresponsibly, causing harm to himself and to the government department he had worked for as a career employee for 27 years, and later rejoined as a contractor.

It's not the only such case at the State Department. Earlier this year, two other department employees were charged with similar crimes, raising concerns about the quality of privacy controls at the agency that hands out critical documents.

The State Department is not the only government agency in the spotlight for security issues. The Federal Aviation Administration (FAA) recently failed a security audit in a spectacular manner. A large number of government agencies recently succumbed for a time to a cyber attack.

Nor is the State Department the only organization finding it difficult to monitor employee behavior. A recent insider attack on an energy company served to highlight this security challenge.

An audit report last year highlighted the risk to passport systems and in particular highlighted the difficulty of monitoring contractors.

Idle curiosity leads to data leak

Why did Lueders, as prosecutors put it, "knowingly and intentionally exceeded his authorized access of State Department computer files?

In his plea agreement, Lueders said that he had been tempted out of "idle curiosity." His plea also agreement acknowledged that he helped the government trace his crimes.

But Lueders should have been trustworthy. He was a Foreign Service Officer (FSO) in the State Department from 1974 through 2001. He began to draw a retirement annuity in 2001.

He then worked as a watch officer at the State Department from 2005 through 2008, during which time he accessed the files for which he was fined.

Furthermore, the government said in its case against him that Lueders had to check a box acknowledging a warning that his activity would be tracked while he accessed the PIERS system.

In addition, Lueders had attended training courses that emphasized the importance of the data he was responsible for.