More on that very distressing privacy breach involving the publication of personally identifying information about adult porn actors. Buzz Killington writes:
… It is an open secret within the industry that the website, Pornwikileaks.com, has published the real names and addresses of over 12,000 performers, opening them up to potential harassment by predators or others seeking to embarrass them or their families.
Access to performers’ real names on the internet is nothing new, however. A quick Google search can reveal similar details, but the preponderance of information on the site and the propensity of those posting information to it to spew hateful vitriol, advocating harassment against adult performers and their families, is unprecedented.
[…]
Published mainstream media reports, based on a blog post from Mike South, have linked much of the leaked performer information to data available in the AIM Medical Associates database. However, much of the information posted on Pornwikileaks.com also includes pictures of performers’ drivers’ licenses and home addresses—data that is not accessible on the AIM database.
[…]
But AIM is not the only source of potentially harmful or embarrassing personally identifiable information about performers. Every time a scene or movie is sold by a production company to a VOD provider, or a photo set is sold to an adult magazine, or movie screeners are sent out to reviewers, 2257 [Title 18 USC Section 2257 – model information/release forms] information with real names, addresses, social security numbers and contact info for the performers is included. The potential always exists for there to be a leak somewhere in the dissemination of that information, to which an untold number of people have access. The greater the number of access points to such information, the harder it is to determine from where the leak(s) originated.
Read more on AVN. Adrian Chen on Gawker provides additional coverage, including why some people are pretty damned sure that AIM’s database was compromised.
There is just so much wrong here – not with the reporting necessarily, but with the whole system for how records were retained and who can access them. Last year, there were reports that there would be some investigations, but I’m not sure what happened and whether those investigations were conducted and if so, with what conclusion.
If this was a HIPAA-covered situation and an investigation held, would the government require AIM and other entities to clean up their security act in terms of who and how many people can access the database? Probably. Would they require or strongly urge them to have better access and audit controls? Probably.
It would be nice to see federal and state investigators take the privacy of adult porn actors as seriously as they take the privacy of every other group.