I quote here from the Standard-Times Privacy agreement offered to all posters on the gosanangelo online site, "III. We do not share personal information with any third party without your permission".
There is much more than that, but the rest is legalese ruffles and flourish, that sentence captures the promise the newspaper made to posters. That promise has been broken and the newspaper's reaction to the situation has been late and negligent at best. The print edition article in Sunday, May 4 edition is the first print acknowledgement the problem existed, and it was not only inadequate, it served to compound the error.
For those who do not follow the online version, a little background. The online edition has a feature that allows posters to register under a screen name and comment on articles or editorials in an ongoing forum. It has been a lively, close-to-real-time open comments back and forth, for the most part lightly moderated. Comments are subject to being removed for libel, obcenity, cuss words and such, many such comments have been pulled. A few posters have been outright banned for repetitive violations. In my case, the anonymity was never an item, I self-identified during the Charter Amendments debates as "barkeep". I posted often and enjoyed the free exchange beyond what deadlines and ink-on-dead-trees could possibly provide.
On April 25, I was told that lists of posters' real names were being bandied about in the Police Dept. and that officers who had posted for or against certain candidates were in fear of reprisal. Frankly, I knew that several officers from various candidates' camps had been posting under screen names, but I simply did not credit that the Standard-Times would give out a list, I blew it off as overly paranoid. That weekend, I heard from several sources the same story. Depending on which candidate a source supported, these people had varying ideas as to who had engineered this opening of user profiles, but the basic facts were congruent and stand without resort to conspiracy theories.
A change was made to the content management system that allowed, for about a day, any viewer, from any internet connected screen, to click on a screen name and get the registering user profile (real name, for those who didn't bother to lie when they registered) and complete posting history for that user. While my informants were concerned with Police Department posters, it worked for any poster, any topic, full history. One person expressed concern for teachers' privacy over a performance review topic that had been hot a few months ago. I wondered aloud had anyone bothered to check on true names of some of the FLDS posters. To be sure, blame notwithstanding, this leak was common knowledge by 4/24 PM. Personal note: by the time I heard of this, the barn door had been closed, I do not have the list so many people obviously do have.
Seeing nothing in the paper, I forwarded a heads up to Ty Meighan, along with some speculation, labelled as such, on Monday, 4/28, later acknowledged by e-mail. Late Wednesday, one WhiteHorseman "outed" 9 screen names, obviously taken from this leak. 1:15 AM 4/30, I posted as barkeep and made explicit for those who had not yet heard that which I outlined in the preceeding paragraph. This set off a flurry of "I know who you are; nyah, nyah, no you don't I lied" yadayada that continues to this day.
Finally, today, Sunday May 4, the Standard-Times publishes a story letting the rest of the world know that the privacy promised to posters had been breached 10 days before. As if the delay were not bad enough, the story in which this revelation is finally stated compounds the original breach. During that interim, nearly every correspondent to the online version has become aware the loss of privacy occured, but as in my case, not all of them had access to the full list. Readers of the ink-on-dead-trees paper were likely unaware this leak happened.
In the same edition where the Standard-Times endorses Tim Vasquez for re-election, the article announcing this violation of their privacy agreement leads off by blowing the apparent screen name of Vasquez' widely accepted as nearest contender, Jeff Davis. While not specifically naming them, the article goes on to say "At least four members of the officers' meet-and-confer team also have names attatched to comments...The city and its attorneys aren't likely to forget that when negotiations resume in the fall, and the ramifications go beyond that-the City Council could decide not to negotiate." Leave aside whether this effectively outs the meet-and-confer team, on what basis does the S-T allege the Council even can, let alone is likely to, refuse to negotiate? What part of meet and confer statute allows the city to unilaterally refuse to talk to the officers' duly elected representatives on the grounds of "we don't like what you said last spring"?
It appears Davis did handle this poorly, but, so long as The Standard-Times is "outing" posters, why not supporters of other candidates? I am unaware of any screen name directly tied to any other candidate specifically, but I have been keeping up with this race, and have probably read most of them. I can tell you this; advocates for, if not the actual candidates have played the "I know who you are" game and some made comments rude enough to rate removal. While I do not endorse, just to be honest, in the heat of this I had a first-time removal; after a poster wished I had been aborted, I responded with someting rude enough to get (justifiably) removed.
Critical to understanding this issue, for those not using the online forum, is the meaning of "user profile" the actual information revealed. When a poster registers, the one verifiable field is the e-mail address. Should one care to, one can fill in name as Mickey Mouse, address Disneyworld. At least one poster was revealed to be using three screen names, different e-mail links for each. The information that was revealed consisted of these self-proclaimed user profiles. Some people gave aliases there as a second layer of identity protection, in retrospect, not unreasonably. Those immediately revealed were those who were most trusting in the privacy agreement and didn't bother to lie, or the few, such as myself, who didn't care. I went with "barkeep" because I have used it for many years on many other forums, not for concealment.
I have sworn to protect confidential statements, not necessarily to believe everything I am told, but if I tell someone I will not say where this came from, I won't. People from different camps talk to me, and I stress here, candidate advocates, no candidate personally does. I have not and will not endorse a candidate, and I try to weigh the bias of sources who talk to me. That clear, there is a huge misunderstanding about this breach of the privacy agreement. I hear from different sides "so&so outed me, everybody knows so&so is a mouthpiece for Candidate X".
Please people, the party responsible for revealing user profiles, to the extent they are true names, that party is the Standard-Times. This person or that may have taken advantage of that information in ways I would find ethically questionable, but they could never have done so had the Standard-Times not made the information available in contravention of an explicitly stated privacy agreement.
That said we move to the handling of this breach by the Standard-Times. I think in legalistic terms, my Blog partner Mr. Turner thinks in computer geek terms, I came up with "negligent", he prefers "incompetence". I only diferrentiate because negligent has legal implications in tort law that incompetent doesn't necessarily encompass.
The explanation offered in today's Standard-Times article states this was, "not a hack into the Standard-Times' site by supporters of a certain candidate, as conspiracy-minded commenters have suggested". I may have missed a comment here or there, but no one I've talked to thought this was an outside hack. By accident or no, there are people who find it remarkably coincidental that this "open door" was coincidentally tripped over by people willing to take advantage of it. I won't say that didn't happen, but I'm a fairly successful gambler and I didn't get there drawing to inside straights.
The genesis of this information leak had to be in-house, and today's article says as much. To be perfectly clear, I do not mean, necessarily, in house as to the confines of the Standard-Times Harris St. building, but corporate in-house. After that, the explanation gets thin real quick. The mistake is attributed to "new employees in Knoxville" who were in a weekly process which "reset privacy controls for newspapers across the chain, not realizing the Standard-Times wanted to keep profile data away from the public". Excuse me, but which Scripps Howard newspapers DO intend to make user profile information public? Last time I looked in on the Abilene Reporter News, they didn't. Did they last Thursday? Scripps Howard has, I believe, 19 newspapers, not all have online comments, but those which do, have identical privacy agreements.
Why did the Standard-Times wait 10 days after they say their people were advised of this breach to make a public statement alerting users it had happened? If the reader is unfamiliar with the online edition and the comments section, it has been an open free-for-all with commenters from every side calling out their opposition advocates since WhiteHorseman ID'd 9 posters April 29th. Don't bother to look for WhiteHorseman's original posts that evening, they have vanished. In fine point of fact, their reporter inquired of me had I happened to print out those comments, he could not access them. As it happens, I had, I may have the only existing copy of those comments as they originally appeared. Don't even ask which rock that is buried under.
The article states that their online director Betty Brackin "is working individually with those wishing to reclaim their anonymity". Maybe so, but even that help is limited to those posters who are already aware they were outed and ask for help. For all anyone knows, posters on say the teacher evaluation subject may not have checked in lately, may have been utterly unaware that their personal information and comment history is open to any inquiring mind who knew about this "window of opportunity". This should have been as public as an automobile safety recall. In truth, I have been too patient. The Standard-Times article Sunday says they were aware of this Friday, April 25. Give some allowance for getting the full story, the Standard-Times should have had an alert in print sometime that weekend, before I sent them my heads-up letter.
That aside, how well has their remedy worked? One case I have tripped over, a poster did ask Ms. Brackin for help. Sho' nuff, poster X was given a new screen name, and the old posts were removed. Unfortunately, when I went back to posts put up a week before the leak, I see this: The post by X in support of candidate Y was removed; two responses to that post are still there, only now they read "response to (new screen name X)" then in the body of the text response, the old screen name is used. In short, this poster has been retroactively "outed" a second time, backdated to a week before the original leak happened!
Make no mistake; I appreciate the Standard-Times, in this case I have often complimented the reporter who wrote the story I have objections to. I enjoy the online trading of opinion. In this case, the story, the revelation of identity, the remedy for it and the explanation of it has been poorly done. It cannot escape attention that in the same edition where the paper's endorsement of incumbent Chief Vasquez includes this: "the incident eventually led to a Texas Ranger investigation after Vasquez disclosed to the Standard-Times that the woman was an informant for SAPD Sgt. Jeff Davis. Revealing such information is a felony...", the Standard-Times compounds its own violation of confidentiality by disclosing the identity of Vasquez' most threatening opponent to print edition readers who may have been completely unaware of this tempest. I have my own copy of the "AP Stylebook" 2007 edition and its guidelines to confidential sources. If ya'll need one Hastings has them in stock. I gave you the Palmer file for free, this you can buy.