Employee snooping on customer data is common
MADISON, Wis. -- A landlord snooped on tenants to find out information about their finances. A woman repeatedly accessed her ex-boyfriend's account after a difficult breakup. Another obtained her child's father's address so she could serve him court papers.
All worked for Wisconsin's largest utility, where employees routinely accessed confidential information about acquaintances, local celebrities and others from its massive customer database.
Documents obtained by The Associated Press in an employment case involving Milwaukee-based WE Energies shine a light on a common practice in the utilities, telecommunications and accounting industries, privacy experts say.
Vast computer databases give curious employees the ability to look up sensitive information on people with the click of a mouse. The WE Energies database includes credit and banking information, payment histories, Social Security numbers, addresses, phone numbers, and energy usage. In some cases, it even includes income and medical information.
Experts say some companies do little to stop such abuses even though they could lead to identity theft, stalking and other privacy invasions. And companies that uncover violations can keep them quiet because in many cases it is not illegal to snoop, only to use the data for crimes.
"The vast majority of companies are doing very little to stop this widespread practice of snooping," said Larry Ponemon, a privacy expert who founded The Ponemon Institute, a Traverse City, Mich.-based think tank.
Jim Owen, spokesman for the Edison Electric Institute, a lobbying association that represents utilities, disputed suggestions the problem was common in the industry.
"I am not aware of any other situation that has arisen in the utility sector," he said.
WE Energies says it has taken numerous steps to stop the problem but even so detecting misuse can be difficult because it is hard to discern the legitimate access of customer information from employees looking for curiosity.
"People were looking at an incredible number of accounts," Joan Shafer, WE Energies' vice president of customer service, said during a sworn deposition last year. "Politicians, community leaders, board members, officers, family, friends. All over the place."
Her testimony came in a legal case involving an employee who was fired in 2006 for repeatedly accessing information about her ex-boyfriend and another friend. An arbitrator in November upheld the woman's firing. The AP reviewed testimony and documents made public as part of the case.
The misuse came to light in 2004 when an employee helped leak information to the media during a heated race for Milwaukee mayor that a candidate, acting Mayor Marvin Pratt, was often behind in paying his heating bills. Pratt lost to the current mayor, Tom Barrett.
After the incident involving Pratt, the company fired the employee who leaked the information and vowed to crack down after finding others engaged in similar practices. In all, the utility fired or disciplined at least 17 employees for breaking the policy between 2005 and 2007, according to testimony and company records.
Governmental agencies have also struggled with the problem.
The IRS took 219 disciplinary actions, including firings and suspensions, against employees who browsed through confidential taxpayer information last year, according to the U.S. Treasury Inspector General for Tax Information. That was more than double the number the previous year.