A little Obama perspective
In 1994, Obama was a lecturer at the University of Chicago Law School; an associate at the law firm of Davis, Miner, Barnhill & Galland; and sat on the boards of directors of the Woods Fund of Chicago and the Joyce Foundation.
Back in 1991, Obama’s biography was published by his literary agency. The biography stated that Obama was born in Kenya. Through multiple revisions, the claim that Obama was born in Kenya remained intact until April 21, 2007, when he was running for the presidency. After 16 years, the biography was suddenly changed to state his birth place as Hawaii. If born in Kenya to the parents he has named, then Obama is ineligible for the presidency. If born in Hawaii, he may or may not be eligible for the presidency, depending upon factors that may have become known if his passport history had not been “cauterized.” [This paragraph was inserted as an update on 9/09/2012.]
In 1995, Obama was the founding president and chairman of the board of the Chicago Annenberg Challenge (with which FactCheck blog is associated). Also in 1995, Obama first published his memoir Dreams From My Father. That same year, his mother died. Prior to publication of the memoir, Obama and his wife traveled to Bali to overcome his writer’s block (they said).
In 1996, Obama was elected to the Illinois State Senate and traveled to the UK to visit half-sister Auma’s family. Prior to that, Obama traveled multiple times to Kenya during the 1980s and 1990s, perhaps even earlier. He traveled to Europe in 1988. He allegedly obtained his Social Security Number in 1977, although he claims to have worked for Baskin-Robbins in Hawaii, before 1977. Indications are that the SS# he uses is fraudulent.
(Obama traveled back and forth between Indonesia and Hawaii numerous times, during childhood, although those trips would predate PIERS. However, he used the name Barry Soetoro during childhood, and his mother’s passport records seem to indicate another alias–Soebarkah. It was common for Indonesians to use only one name.)
Obama traveled to Pakistan in 1981, the summer after he allegedly registered for the draft. He traveled to Indonesia in 1983, according to biographer Janny Scott. He traveled to Kenya soon after his father died in November 1982. According to biographer David Mendell, that trip to Kenya took place in 1983.
As a U.S. senator, Obama traveled to Moscow, Kiev, and Baku, Azerbaijan, in 2005; and to Qatar, Kuwait, Iraq, Jordan, Israel, South Africa, the Democratic Republic of the Congo, Kenya (where he campaigned for his cousin Raila Odinga, in alleged violation of the Hatch Act), and Djibouti, Chad, in 2006. While in Russia in 2005, he was detained for some hours at the airport by Russian authorities who had questions about his passport.
With all these trips between 1978 and the present, the Department of State likely had quite a dossier on Obama in its computerized archives.
The OIG report stated that the PIERS database had more than 20,000 authorized users in 2008, and over half of them were contract employees. The report also said that
almost all users have “read only” access.
Almost all, but not ALL. The footnote associated with that comment, which presumably explains who has more than read only access, is redacted.
There exist other passport-related databases, among them Travel Document Issuance System (TDIS), the Passport Records Imaging System Management (PRISM) database, the Passport Lookout Tracking System (PLOTS), the Management Information System (MIS), and the Consular Lost and Stolen Passport (CLASP) system.
The OIG report informed us that the State Dept. apparently has neither the ability nor the authority to discipline contract employees–that falls to supervisors at their place of employment. In this instance, John O. Brennan was the ultimate supervisor of one potential Obama passport cauterizer.
So how does information get into PIERS? Contract employees do the drudge work. They process applications, scan documents, and print passports and other documents. However, federal employees are their immediate supervisors; the supervisors review documents and approve or deny passport applications.
It seems obvious that someone has “input” access, meaning the ability to add to or change records in the database as well as to delete records from the database. (How difficult is it to substitute one scan for another?) At a press briefing, reporters were told
Contractors support government employees by answering customer service enquiries, printing and mailing issued passports, and entering data. … The Passport Information Electronic Retrieval System, or PIERS, with access to only a small subset of those documents, typically contains only the applicant’s passport application form (including photograph). In complex circumstances, for instance if there are grounds to suspect possible fraud, if a person born overseas claims citizenship by virtue of having an American citizen parent, or in certain passport applications from minors, we may need additional evidence to review the applications, and we keep this information in the passport file with the applications, accessible by PIERS. … In more complicated cases, such as those involving a derivative citizenship determination, law enforcement issues, or possible fraud, we may keep originals or copies of other documents in the file.
(Note: The link to the explanation about citizenship of persons born abroad is inaccessible, due to the presence of a robots.txt on the page, from which one can infer that the page is deliberately removed from public view.) From what we know of Obama’s biography, it features more than “complex circumstances.”
The government’s Privacy Impact Assessment (PIA) claimed that
PIERS tracks and logs the activities of system users. It logs the authorized user and timestamp in which it was accessed.
However, the OIG learned to the contrary that
The PIA information appears to contradict what OIG observed during the course of this review. While PIERS may track and log user access, it does not maintain information regarding what specific activities were conducted or why the system was accessed.
PIERS offers users the ability to query information pertaining to passports and vital records, as well as to view and print original copies of the associated documents. … [N]either Consular Affairs nor the Department had implemented breach notification policies, procedures, or other criteria for reporting incidents of unauthorized access of passport records when they were detected.
Geisel noted that Consular Affairs should henceforth produce accurate Privacy Impact Assessments for PIERS and other databases.
The appalling lack of security explains why then-Secretary of State Condoleeza Rice could not assure anyone that information was not changed or deleted (“cauterized”) during the course of these breaches. As the Washington Times reported:
Officials do not know whether information was improperly copied, altered or removed from the database during the intrusions.
One wonders whether the system was never designed to journal or log transactions or whether the functions were turned off at certain times, so that these changes were not traceable.
In any case, it appears that there’s no audit trail. No before image or after image of specific database records. That certainly is poor software systems design, especially for such a critical database. Ask any software engineering professional.
However, the underlying documents, which were scanned or transcribed into the database, ought to exist somewhere.
Or database backups ought to exist somewhere, because it defies common sense to believe that such critical databases would not have multiple backups in case of a catastrophic event. Or a hacking.