Per Enrico Zini, the Italian Tax Men and Women decided it would be a wonderful idea to post every single Italian’s reported Income, allegedly with their name and address as well! Apparently the site was having connection issues due to the flood of people trying to verify this after the Reuters story, but for the Italians, it looks like the best we can hope for is that the people trying to see it were just curious, and weren’t making any plans for that data.
At least that data has been taken down now, but the Minister of the department tried to somehow blame his decision on Americans. Admittedly, our government has made some pretty gross violations of personal privacy in the last seven years, and some of that was people clamoring for those liberties to be taken in the name of safety. Still, nothing that has happened in the US has been anywhere near this level of disclosure. In this country, it’s bad form to even ask what a person earns. Apparently, in Italy, for at least a few hours, you could simply go look. Companies must have loved dealing with the fallout from that.
Enrico’s comments about the plaintext CAPTCHA were pretty amusing. Typically, when trying to meet accessibility requirements, most people use an Audio CAPTCHA. I’m not even sure why they tried to obfuscate the text using extra <span> tags, since any screenreader would need to be able to read the text in order for it to be “accessible”, so clearly the text is already machine-readable. Periodic exercises in futility seem to be common in both IT and Government worldwide, I suppose.
The fact that the Italian Government would provide a functional road map to identity thieves, kidnappers, burglars, and other detestable portions of society is appalling. The closest thing to this level of purposeful information disclosure I can think of in the US is the Social Security Death Index, which at least has a reasonable reason behind it. It allows people to verify an SSN as not belonging to a dead person before allowing it’s use. Unfortunately, many lenders don’t even bother checking. At least they haven’t, perhaps that’s about to change.
We are forced to give a lot of personal information to the government and companies all the time. Had an Italian Corporation done this with their customer files, than that company would be facing enormous civil and likely governmental fines and other punishments. The Director who approved this disclosure deserves, at the very least, to lose his position in a disgraceful manner. He violated the trust of every single Italian, who implicitly trusted their government to treat their tax information confidentially. Hopefully, the Italian people take action.