Test Data Leads To Police Raids

In New York City, some test data made it into production. Unfortunately, it was a police system and led to police raiding a couple’s home fifty times:

The snafu started in 2002, when police used the Brooklyn address as part of what Browne called “random material” to test an automated computer system that tracks crime complaints and records of other internal police information. Before that, the work was done manually.

The couple first complained about the harrowing police visits in 2007, when Rose Martin wrote a letter to Kelly. “And we identified the problem then,” Browne said. “It was a mistake by the police department.”

So what do you do to manufacture test data with the foresight of knowing that it could go into production? You could make it obvious, such as “Blah blah blah test,” but then it looks silly when that leaks up.

I, on the other hand, prefer to use a set of standard user names that include non-obvious markers such as using the company’s name as the last name. For the address, I always use the business address or the CEO’s home address.

I’m not keen on playing with a snapshot of real people’s data because something like this can happen. And if it’s the CEO’s door getting banged on by the SWAT team, you can bet it won’t take 50 visits to get it fixed.

(Link to this story seen in the Twitterverse, but I was tracking the story from before that because this sounded like a bad data issue even without the confirmation. Not to mention a poor process on the part of the police to require a fiftieth bad raid to make them fix it.)

Comments are closed.


wordpress visitors