In U.S. government shutdown, your privacy takes a hit

Privacy news
3 mins
The U.S. government shutdown causes privacy problems

This article was originally published on January 17, 2019.

Now well into its third week, the U.S. government shutdown has officially become the longest in history. More than 800,000 federal employees are working without pay, and the effects, as you can imagine, are beginning to pile up.

While the impact on national parks, airport security lines, and popular cultural attractions can be easily observed, some of the more worrisome effects are a bit harder to quantify.

For starters, the websites for both the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) are down, which means consumers are left in the lurch. Perhaps scarier, the FTC has also shut down its identity theft website—the site where people go to report fraud activity.

When you open the site, you’re met with a stark notice that reads:

“Due to the government shutdown, we are unable to offer this website service at this time. We will resume normal operations when the government is funded.”

What this means is that aside from less regulation on all your favorite (or not-so-favorite) government-funded facilities, this shutdown could inadvertently be putting your privacy at risk.

What happens when there’s no one to tell?

Identity theft was the second-largest consumer complaint to the FTC in 2017, when more than 100,000 new reports were filed. That was a 3% rise from 2016, and it is expected to have increased last year as well.

“Without a proper avenue for people to file and document fraud reports, hackers have more freedom than ever before.”

Without a proper avenue for people to file and document fraud reports, hackers have more freedom than ever before. This means people who are trying to report a crime—or verify an older report—are basically in legal limbo.

And then there’s the threat from robocalls and scam sellers. Because the FCC is inactive, people aren’t able to report and expose fraud numbers, so these automatic spam calls are free to run rampant.

Already, people have reported calls that are using the shutdown as a means to sway unassuming listeners to hand over their personal information. One, in particular, hooks recipients by claiming that the recent shutdown has affected their standing with the IRS. It then goes on to ask the listener to “verify” personal information by handing it over.

Unfortunately, without the ability to check and verify which numbers are real and which aren’t, most third-party call blockers aren’t able to update their software, leading to more unnecessary calls and more angry customers.

Privacy takes a back seat during closures

The problems extend far from Washington, too. People in Phoenix, Arizona, have faulted the Department of Homeland Security after it sent out mass appointment cancellation emails to hundreds of people—whose personal email addresses were openly visible to every recipient of the message.

Many local immigration offices have also started closing early. As noted on the USCIS website, “This information can change quickly, so please check this page on the day of your appointment.” While USCIS office closures may not directly affect your privacy, the little regard given to personal data is something that’s sure to carry over into other branches—if not already.

The U.S. government is the single largest spying power in the world, and with all the potentially embarrassing data it’s collected, there’s never been a better time for hackers to find their way in.

What to expect if the shutdown continues

While there’s no way to predict when the shutdown will end, here’s what to expect on the privacy and security fronts.

One trend you’re bound to see is more and more websites rendered inactive. Already, government-funded sites like NASA and the Department of Justice have become inert, and if the shutdown continues, more sites will be automatically shut down due to outdated or expired security certificates. According to Engadget, more than 80 TLS certificates have already expired.

The FCC has also stopped certifying new electronic devices that are heading to market. Though this may not have an immediate impact, the long-term repercussions could be worrisome. If some gadget comes along with super invasive built-in spying technology, it might not be acknowledged for days, weeks, or even years.

For some of these dangers, you still have some recourse. If you believe you’ve been a victim of data or identity theft, contact your bank and follow the steps in this archived page. For the rest, you may be in the same boat as a furloughed government worker: All there is to do is wait.