On the grid
Can a massive database of personal information help the homeless without violating their privacy?
Published: January 13, 2011
While the couple waits for dinner, Food Not Bombs organizer Ben Markeson snaps photos of an unmanned truck that has been parked in a nearby cul-de-sac with its hazard lights on for the past 15 minutes. He’s hoping to demonstrate that the city has a double standard when it comes to applying the law to the homeless – a few weeks prior, police had given a parking ticket to a Food Not Bombs volunteer who had stopped her van momentarily to unload food for the regular sharing. “Basically, the city doesn’t want homeless people anywhere in Orlando,” Markeson says.
Though Allen hasn’t been in town long enough to make that judgment – she came from Ft. Lauderdale only a year ago – news of the database, to her, is another piece of evidence that the homeless are “stigmatized.”
That notion is one reason Sue Watlov Phillips, treasurer for the National Coalition for the Homeless, is a vocal opponent of HMIS. “If you put any one of us into the HMIS system, there’d be a lot of similarity between everybody,” she says. Phillips invokes her field of expertise – psychology – to prove her point, saying that fully half of Americans suffer from some sort of “chemical” or mental disorder. “The only difference is that you and I have enough money to afford a home, and the folks in the HMIS system do not,” she says. “All of us have issues.”
Her concerns about the homeless being singled out are shared by prominent civil liberties groups such as the American Civil Liberties Union, the Electronic Privacy Information Center and the Center for Democracy & Technology. In 2003, these organizations sent a letter to HUD stating that HMIS would “create a system of tracking similar to those imposed on individuals convicted of crimes” and with that, brought “unreasonable security risks” to the homeless. “When information is aggregated in a single place,” the letter says, “it becomes more valuable to malicious actors, and is more likely to be attacked.”
But why would anyone be interested in a homeless person’s information?
“If you consider identify theft in the financial realm, [the homeless are] not the primary targets,” says Jay Foley, executive director of the nonprofit Identity Theft Resource Center. “But when you consider it in the realm of employment, criminal activity or governmental benefits, it’s a target-rich environment.”
Recently, identity-theft scams targeting the homeless have been reported in Kentucky, California and Washington, baiting the homeless with anywhere between $5 and $850 for their personal information. “We just worry that it’s going on all across the country,” Foley says.
Foley says he doesn’t oppose the idea of a homeless database, provided that security measures are sound. And Jackson, Remigio and Sullivan all argue forcefully that this is the case with HMIS.
According to Josh Johnson, vice president of customer relations at Bowman Systems, which provides the ServicePoint software for the Central Florida HMIS system, the security measures of any HMIS database are similar to those found on the websites of major banks. All HMIS systems require a unique username and password to login and feature a “secure sockets layer” which encrypts data so that the user and the website are communicating in the same “language,” so to speak, but one that a hacker would not understand. Optional additional security measures are limited login attempts, access given to only specific computers and even more layers of encryption. “Anything you submit ‘over the wire’ – over the Internet – you want to be secured,” Johnson says. “[And] security continues to be our number one priority.” (Bowman Systems says it controls 70 percent of the HMIS software market, but declines to translate that into a dollar figure. In 2009, Florida received more than $2.3 million from HUD for HMIS databases across the state. Central Florida’s system received $124,388.)
> Email Jeff Gore