Various national databases of United States persons, and their activities, have been compiled by government and private entities. Different data types are collected by different entities for different purposes, nominal or otherwise. These databases are some of the largest of their kind, [1] and even the largest ever. [2] Accessibility of government databases may be controlled by various means, such as requirement of a warrant, subpoena, or simple request from another branch of government. Commercial databases are generally established for profit. Some other databases are available for free usage with various states across the United States. Typical instances include Colorado Resident Directory [3] and many others out there on the internet. Data breaches may occur as a result of a vulnerability or publication in error.
![]() |
Data types | Program | Collector | Nominal purpose | Contains | Accessibility | Known breaches |
---|---|---|---|---|---|---|
Contact and educational information [4] [5] | Joint Advertising Marketing Research & Studies (JAMRS) | Department of Defense | Military recruitment | Public school students 17 and older | ||
Telephone call metadata | MAINWAY | National Security Agency | Military national defense | 1.9 trillion call-detail records (estimated) | Assessed internally as "51% confidence" of being foreign | |
Consumer transactions [6] [7] | Consumer Financial Protection Bureau | at least 10 million consumers | data at least partially anonymized | |||
Usual residency | Census | Census | assignment of federal representation | all persons | Confidentiality protected | |
Identity, citizenship, residency, income, employment, medical, incarceration, and contact information | Federal Data Services Hub | Internal Revenue Service and Health and Human Services | administration of the Patient Protection and Affordable Care Act | all persons | ||
Exteriors of mail | Mail Isolation Control and Tracking (MICT) | United States Postal Service | criminal surveillance | all mail | Request by law enforcement | |
Fingerprints [8] | Integrated Automated Fingerprint Identification System (IAFIS) | Federal Bureau of Investigation | criminal and civilian monitoring | 104 million persons (including 34 million non-criminals) | ||
Finger and palm prints, iris, and facial data (under development to replace the Integrated Automated Fingerprint Identification System) | Next Generation Identification (NGI) | Federal Bureau of Investigation | criminal and civilian monitoring | |||
DNA | Combined DNA Index System (CODIS) | Federal Bureau of Investigation | criminal investigation | 10 million persons | ||
Income and employment | Internal Revenue Service (IRS) | Internal Revenue Service | Tax collection | Federal taxpayers | 10,000's of 527 organization data [9] |
Data types | Program or Subsidiary | Collector | Nominal purpose | Contains | Accessibility | Known breaches |
---|---|---|---|---|---|---|
Employment and salary records [10] | The Work Number | Equifax | debt collection and consumer profiling | 190 million records covering more than one-third of U.S. adults | For sale | |
Vehicle location data [11] | Vigilant Solutions | Digital Recognition Network | consumer profiling | containing at least 700 million scans | For sale | |
Vehicle location data [11] | MVTrac | repossession | "large majority" of registered vehicles [11] | For sale | ||
Vehicle location data [12] | National Vehicle Location Service | over 800 million records [12] | ||||
Firearm ownership | National Rifle Association of America [13] | Political campaigning | "tens of millions of people" (estimated) [13] | |||
Stolen personal data | SSNDOB [14] [15] [16] | Larceny | 4 million persons [16] | For sale | March 2013 [16] |
The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for global intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT). The NSA is also tasked with the protection of U.S. communications networks and information systems. The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine. The NSA has roughly 32,000 employees.
Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.
LexisNexis Risk Solutions is a global data and analytics company that provides data and technology services, analytics, predictive insights, and fraud prevention for a wide range of industries. It is headquartered in Alpharetta, Georgia, and has offices throughout the U.S. and in Australia, Brazil, China, France, Hong Kong, India, Ireland, Israel, the Philippines, and the United Kingdom.
RELX plc is a British multinational information and analytics company headquartered in London, England. Its businesses provide scientific, technical and medical information and analytics; legal information and analytics; decision-making tools; and organise exhibitions. It operates in 40 countries and serves customers in over 180 nations. It was previously known as Reed Elsevier, and came into being in 1993 as a result of the merger of Reed International, a British trade book and magazine publisher, and Elsevier, a Netherlands-based scientific publisher.
LexisNexis is an American data analytics company headquartered in New York, New York. Its products are various databases that are accessed through online portals, including portals for computer-assisted legal research (CALR), newspaper search, and consumer information. During the 1970s, LexisNexis began to make legal and journalistic documents more accessible electronically. As of 2006, the company had the world's largest electronic database for legal and public-records–related information. The company is a subsidiary of RELX.
Keith Brian Alexander is a retired four-star general of the United States Army, who served as director of the National Security Agency, chief of the Central Security Service, and commander of the United States Cyber Command. He previously served as Deputy Chief of Staff, G-2 (Intelligence), United States Army from 2003 to 2005. He assumed the positions of Director of the National Security Agency and Chief of the Central Security Service on 1 August 2005, and the additional duties as Commander United States Cyber Command on 21 May 2010.
MAINWAY is a database maintained by the United States' National Security Agency (NSA) containing metadata for hundreds of billions of telephone calls made through the largest telephone carriers in the United States, including AT&T, Verizon, and T-Mobile.
Bloomberg Law is a subscription-based service that uses data analytics and artificial intelligence for online legal research. The service, which Bloomberg L.P. introduced in 2009, provides legal content, proprietary company information and news information to attorneys, law students, and other legal professionals. More specifically, this commercial legal and business technology platform integrates Bloomberg Law News with Bloomberg Industry Group's primary and secondary legal content and business development tools.
The Syrian Electronic Army was a group of computer hackers which first surfaced online in 2011 to support the government of Syrian President Bashar al-Assad. Using spamming, website defacement, malware, phishing, and denial-of-service attacks, it has targeted terrorist organizations, political opposition groups, western news outlets, human rights groups and websites that are seemingly neutral to the Syrian conflict. It has also hacked government websites in the Middle East and Europe, as well as US defense contractors. As of 2011, the SEA has been "the first Arab country to have a public Internet Army hosted on its national networks to openly launch cyber attacks on its enemies".
William "Bill" Edward Binney is a former intelligence official with the United States National Security Agency (NSA) and whistleblower. He retired on October 31, 2001, after more than 30 years with the agency.
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.
PRISM is a code name for a program under which the United States National Security Agency (NSA) collects internet communications from various U.S. internet companies. The program is also known by the SIGAD US-984XN. PRISM collects stored internet communications based on demands made to internet companies such as Google LLC and Apple under Section 702 of the FISA Amendments Act of 2008 to turn over any data that match court-approved search terms. Among other things, the NSA can use these PRISM requests to target communications that were encrypted when they traveled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier, and to get data that is easier to handle.
Edward Joseph Snowden is an American-Russian former NSA intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. He became a naturalized Russian citizen in 2022.
Identity theft involves obtaining somebody else's identifying information and using it for a criminal purpose. Most often that purpose is to commit financial fraud, such as by obtaining loans or credits in the name of the person whose identity has been stolen. Stolen identifying information might also be used for other reasons, such as to obtain identification cards or for purposes of employment by somebody not legally authorized to work in the United States.
During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.
The Colorado Revised Statutes (C.R.S.) are a legal code of Colorado, the codified general and permanent statutes of the Colorado General Assembly.
Alex Stamos is an American, cybersecurity expert, the former chief security officer (CSO) at Facebook. His planned departure from the company, following disagreement with other executives about how to address the Russian government's use of its platform to spread disinformation during the 2016 U.S. presidential election, was reported in March 2018.
Between May and July 2017, American credit bureau Equifax was breached. Private records of 147.9 million Americans along with 15.2 million British citizens and about 19,000 Canadian citizens were compromised in the breach, making it one of the largest cybercrimes related to identity theft. Equifax discovered the breach end of July, but did not disclose it to the public until September 2017. In a settlement with the United States Federal Trade Commission, Equifax offered affected users settlement funds and free credit monitoring.
DarkMatter Group is a computer security company founded in the United Arab Emirates (UAE) in 2014 or 2015. The company has described itself as a purely defensive company, however in 2016, it became a contractor for Project Raven, to help the UAE surveil other governments, militants, and human rights activists. It has employed former U.S. intelligence operatives and graduates of the Israel Defense Force technology units.