• Categories

  • Pages

  • Archives

IDNYC – The Largest Municipal ID Program In The Nation; The Good, The Bad and the WTH??

idnyc v02

What is IDNYC?   As of January 15, 2015, New York City became the largest city in the nation to issue municipal IDs. IDNYC is a free, government-issued identification card that is available to all City residents age 14 and older. Immigration status is irrelevant and not factored into eligibility.

How Does One Obtain An IDNYC? From the IDNYC website:

To get an IDNYC card, you must meet the following criteria:

1) At least four (4) points of documents with:

– At least three (3) points of documents proving identity.
– At least one (1) point of documents proving residency.

2) At least one (1) of the documents submitted must have a photo of the applicant, unless the applicant is 21 years old or younger and is accompanied by a caretaker who can demonstrate proof of relationship.

3) At least one (1) of the documents submitted has the applicant’s date of birth.

What documents are acceptable to prove identity?  The usuals (US Passport, Driver’s License and U.S Visa) fulfill the 3-point identity requirement but so does any combination of the following:

  • Expired Foreign Passport – within three years (2 points)
  • NYS Benefits Card without photo (1)
  • Access-A-Ride ID Card (1)
  • NYC Department of Parks and Recreation Membership Card (1)
  • U.S. Individual Taxpayer Identification Number Authorization Letter (2)
  • Your child’s U.S. Birth Certificate – listing applicant as birth parent (1)
  • Certificate of marriage, domestic partnership, civil union, divorce or dissolution (1)

Seriously, NYC government?  Except for the first document (Expired Foreign Passport), none of the above prove identity and all are without photos.  How does having one’s name written on a birth certificate as the Baby Daddy prove jack?  (Unless the applicant’s name happens to be Jack, I suppose.)  And let’s not get cute about a US Individual Taxpayer Identification Number (TIN).  I’ve covered this subject in many Bulletins.  TINs, employed by the IRS since 1995,  are issued to employees without SSNs – sans verification.  You can bet your bottom dollar (and I’m sure they’ll take mine as well) that the IRS will not lose out on collecting taxes. 

So, to recap, with a TIN and a Baby Daddy certificate, one has now proven his identity sufficiently for a government-issued I.D.  With such security measures, what could possibly go wrong? Moving along…

What documents are acceptable to prove identity? Aside from again, the usual forms of I.D., these documents are acceptable as proof of residency:

  • Court Order issued by NYS or Federal Court (dated within 60 days)
  • “Care-of Letter” Issued by nonprofit organization or religious institution in NYC serving homeless individuals or survivors of domestic violence. Entity must currently receive City funding. Letter must indicate applicant has received services from the entity for past 60 days and may use entity’s address for mailing purposes (dated within 14 days). Address on card will be “Care Of” the organization.
  • Letter from City agency, nonprofit organization, or religious institution in NYC that provides services to individuals without a home address (dated within 30 days). No address to appear on card.
  • Letter Issued by a Hospital or Health Clinic in NYC (dated within 30 days). No address will appear on the card.

As to the first acceptable form of residency – you just know someone will walk in with an open bench warrant in his/her name, but remember no stop-n-frisk any more.   We’ve already covered the non-identity confirmation of a TIN filer.  If a tax return to a TINner can’t prove identity, how is it proof of residence??

The last three acceptable proof of residency documents are just too ludicrous for me not to have checked with The Onion first.  I’d hate to commit copyright infringement.  But, no, no.  This is the law in NYC.   A letter from Tommy at the Y will do as proof of residency even though the applicant does not live there.  

The combinations to secure an IDNYC are many and almost all can be perverted for whatever nefarious reasons people chose to pass themselves off as someone else or to remain below the radar.

Why an IDNYC card? Once again, per IDNYC:

Your IDNYC card is a broadly accepted, official form of identification. IDNYC is accepted:

  • By City agencies to access many services and programs;
  • By NYPD for the purposes of issuing summons or desk appearance tickets instead of arrest;
  • For entry into public buildings, like schools;
  • For taking the high school equivalency exam in New York City,
  • For opening up checking accounts.

So we’re going to give the unverified Baby Daddy access to services and programs (read: tax $$$), help him avoid arrest, allow him access to public buildings like schools, courthouses, libraries, etc and open up a checking account where money from anywhere can be laundered, I mean, deposited into. 

If anyone can provide a viable reason for the need for more I.D. cards, please let us know. Someone, with journo creds preferably, should test this system for loopholes (craters) and security soundness.

Not to feed into terror or xenophobia but seriously folks, if the system isn’t broken, must the government always stomp in and wreak hell?  Oh the good part of IDNYC  – 25% discount to see the big blue whale hanging in the main hall of the Museum of Natural History. (I can do that on any given warm day sitting on Jones Beach but that’s an unpublishable column for another day.)

BNI Operatives: Street smart; info savvy, face-palming on account of this article. 

As always, be safe.  

 

Subject Locates: What’s in a Name?

The date of loss was 5/18/2011. The case has finally come to a serious settlement offer by the insurance company. Your client is nowhere to be found.

After exhausting the client’s primary contact numbers, his emergency contacts and Lexis, online White Pages and Spokeo, to no avail, this type of situation can become frustrating. Finally, using the same platform that propelled Google from the same old search engine to the mother of all information aggregators, comes InstantCheckmate.  A very simple download, this search engine simultaneously culls all of the standard electronic telephone directories (i.e. Yahoo, White Pages, Spokeo, Pipl, Google and many more). Both a yellow and white pages, InstantCheckmate also performs reverse directory searches (for both addresses and phone numbers).

Clear trends indicate that information aggregation will continue to evolve and at much faster rates. For the end user, this means more information will be available, at a faster rate, and with continual updating. For this reason, we conduct frequent search engine tests to determine the lead processor of available information and hence, our current recommendation for phone and address lookups is InstantCheckmate.

Our  investigators: Street smart; info savvy.

As always, stay safe.

How is Your WebFace? Controlling Your Public Image.

Kicking off the new year with a new you?  Just make sure you are in control of your old you – especially online, given the access by billions to your digital information.

We’ve all experienced negative postings online.  Whether it’s that awful office party picture, a scathing review or even serious, defamatory comments.   Several ways to deal with these detrimental posts are:

1. Be upfront. Any potential employer/customer/prospective date with even a smidgen of common sense will Google you the minute they’re serious about hiring, doing business with or dating you. It’s far better to come forward with the disclosure  than wait for them to discover the negative information on their own. Let them know what’s out there, the truth and how you intend to handle it. (This may actually work as a positive for you in that it displays your awareness of online reputation and perception management.)

2. Apologize if necessary. It can be the case that you are wrong.  You made a hasty mistake; an inappropriate tweet about your boss or a co-worker, an arrogant post about what you expect from people you date, even a goofball picture that doesn’t truly represent your best characteristics. A basic tenet of crisis control is, if you have caused the situation, apologize quickly and that will usually immediately lower the temperature of the perceived slight.

3. Get it down. Many people are just now beginning to realize the permanence of the web and how it can create a major branding challenge: once negative information is out there, it’s  difficult to remove. If you’ve created the questionable content (a thoughtless tweet, a tasteless YouTube video) you can delete it and — eventually — it will be removed from the caches of Google and other search engines.  (You can hasten the process by asking Google to remove a page or site from its listings — but only once it’s been taken down). If you don’t control the content, all you can really do is ask the person who does to remove it. This could be polite (a friend who’s posted an inappropriate photo to Facebook will probably oblige you) or not-so-polite (you may need to enlist a lawyer if someone is defaming you and won’t desist).

4. Control your SEO. The best and surest way to overcome negative information that’s plastered on the web? Create your own content and drive the bad stuff down in search engine rankings. No one but your worst enemy will bother to visit Page 20 on a Google search; most readers will stick to the first page or two. Creating a robust social media and online presence guarantees that the top results will be the ones you want people to see. Studies have shown that video, in particular, is prized by Google and will rank highly, so you might want to consider a video blog. Traditional blogs, because their content is updated frequently, are also search-engine-friendly. Creating profiles on Facebook, LinkedIn and Twitter also helps (they’re frequently at the top of Internet searches), and it also never hurts to get quoted in the media or write articles for various publications (which benefits anyone’s personal brand).

If you stick to the principle that everything you input will be seen by a prospective contact, you should be able to eventually develop enough self filters to avoid undoing your reputation online.  (Conversely, being too close-mouthed will make others think you are insignificant or have things to hide.  Play it real and play it smart.)

Included below is a link to 50 niche search engines you should be aware of; Google isn’t the only search site people use to research your background and credentials.

Our Operatives: Street smart, web savvy.

As always, stay safe.

Related articles

Our Way of Saying Thank You & Happy New Year!

2015 New Year discount flyer2015 New Year discount flyer-page0001

Electronic Crime Scene Investigations; Evidence Collection. II/II

In Part I of our two-part Electronic Crime Scene Investigations series, we covered recognizing and securing an electronic crime scene.  In this post, we delve into the actual investigation itself.

First and foremost, now that you have identified and isolated all persons with access from the crime scene, please ensure that they provide your investigator with a release similar to the below.  (Please check with your local law enforcement on particular jurisdictional guidelines.)

CONSENT TO SEARCH ELECTRONIC MEDIA AND CLOUD STORAGE
I, __________________, hereby authorize __________________, who has identified himself / herself as an investigator lawfully engaged by _____________________, and any other person(s), including but not limited to a computer forensic examiner, he / she may designate to assist him / her, to remove, take possession of and / or conduct a complete search of the following: computer systems, electronic data storage devices, computer data storage diskettes, DVDs, or any other electronic equipment capable of storing, retrieving, processing and / or accessing data and any and all cloud storage accounts that may contain any company information, files and references.
The aforementioned equipment and storage will be subject to data duplication / imaging and a forensic analysis for any data pertinent to the incident / criminal investigation.
I give this consent to search freely and voluntarily without fear, threat, coercion or promises of any kind and with full knowledge of my constitutional right to refuse to give my consent for the removal and / or search of the aforementioned equipment /data, which I hereby waive. I am also aware that if I wish to exercise this right of refusal at any time during the seizure and or search of the equipment / data, it will be respected.

This consent to search is given by me this ________ day of, __________________
20__________, at ____________ am / pm.

Location items taken from: ____________________________________________
Consenter Signature: ________________________________________________
Witness Signature: _________________________________________________
Witness Signature: _________________________________________________

Evidence Collection
Handling digital evidence correctly is essential to preserving the integrity of the physical device as well as the information or data it contains. Turning off the power to a computer or other electronic device may cause the information or data stored on it to be damaged or lost.
If you are not trained in handling digital evidence —
• Do not attempt to explore the contents of a computer or other electronic device or to
recover information from it.
• Do not alter the state of a computer or other electronic device.
• Do not press any keys or click the mouse.
• If the computer or device is off, leave it off.
• Do not move a computer or other electronic device that is powered on.
• Do not accept offers of help or technical assistance from unauthorized persons.
• DO request technical assistance from personnel with advanced equipment and training in digital evidence collection.  See http://www.ecpi-us.org/Technicalresources.html for a list of available resources.

Assess the Situation

Before caputring digital evidence, make sure you have the legal authority to do so. Improper access to information or data stored on electronic devices may violate provisions of various local, sate and federal laws.

After securing the scene and identifying the computer’s power status, follow the steps listed below for the situation most like your own. (If the final suggestion in each situation is “Proceed to If Computer Is On” or “Proceed to If Computer Is Off.”, those two sections are posted on the bottom on this article.)

Situation 1: Monitor is on. Program, application, work product, picture, e-mail or Internet site is displayed.

1. Photograph screen and record information displayed.
2. Proceed to “If the Computer Is ON”

Situation 2: Monitor is on. Screen saver or picture is visible.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Note any onscreen activity that causes a change in the display.
3. Photograph screen and record information displayed.
4. Proceed to “If the Computer Is ON”

Situation 3: Monitor is on. Display is blank.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Display changes to login screen, work product, or other visible display.
3. Note change in display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4a: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display changes to a login screen, work product or other visible display.
3. Note change in the display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4b: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display does not change. Screen remains blank.
3. Note that the display does not change.
4. Photograph blank screen.
5. Proceed to “If the Computer Is OFF”.

Situation 5: Monitor is on. Display is blank.
1. Move mouse slightly without depressing any buttons or rotating the wheel if present.
2. If display does not change, confirm that power is supplied to the monitor.
3. If display remains blank, check computer case for active lights and listen for fans spinning or other indications computer is on.
4. If computer case gives no indication that it is powered on, proceed to “If the Computer Is OFF”.

================================

If the Computer Is OFF
For desktop, tower and minicomputers follow these steps:
1. Document, photograph, and sketch all wires, cables, and devices connected to the computer.
2. Uniquely label and photograph the power supply cord and all cables, wires or USB drives attached to the computer and the connection each of these occupies on the computer.
3. Remove and secure the power supply cord from the back of the computer and from the wall outlet, power strip or battery backup device.
4. Disconnect and secure all cables, wires and USB drives from the computer and document the device or equipment connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

For laptop computers follow these steps:
1. Document, photograph and sketch all wires, cables and devices connected to the laptop.
2. Uniquely label and photograph all wires, cables and devices connected to the laptop and the connection each occupies.
3. Remove and secure the power supply and all batteries from the laptop computer.
4. Disconnect and secure all cables, wires, and USB drives from the laptop and document the equipment or device connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log the laptop computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

If the Computer Is ON
Removing the power supply is generally the safest option. If evidence of a crime is visible on the computer display, however, request assistance from personnel with experience in volatile data capture and preservation.

Immediate disconnection of power is recommended when —
• Information or activity on screen indicates that information or data is being deleted or overwritten.
• A destructive process appears to be in progress on the computer’s data storage device(s).
• The system is powered on in a typical Microsoft Windows® environment. Pulling the power supply cord from the back of the computer will preserve information about the last user account logged in, login time, most recently used documents, most
recently used commands, and other valuable information.

Immediate disconnection of power is NOT recommended when —
• Information or data of apparent evidentiary value is in plain view onscreen. Seek assistance from personnel with advanced training in digital evidence collection.
• Indications exist that any of the following are active or in use: Chat room(s), text documents, remote data storage, Instant Messaging (IM), child pornography, contraband, financial documents, data encryption and obvious illegal activities.
• The device is a mobile or smart phone. Leave mobile and smart phones in the power state in which they were found.

Improper shutdown of mainframe computers, servers or a group of networked computers may result in the loss of data, loss of evidence and potential civil liability. Secure the scene and request assistance from personnel with advanced training in digital evidence collection of large or complex computer systems.

(We suggest you print Parts I and II of this series into a manual format.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Happy Holidays and a Happy New Year!

55

 

Wishing our readers a happy, healthy, safe and joyous holiday season and New Year.

~ from the BNI team.

Electronic Crime Scene Investigations; Assessing & Documenting the Situation. I/II

When a computer crime is suspected in the workplace, action must be taken immediately. We’ll take you through a step by step computer crime scene investigation; the same protocol that we security and information specialists conduct.

When securing and evaluating the scene:
• Do not alter the state of an electronic device. If a computer or an electronic device is off, leave it off.
• Remove all unauthorized persons from the area where evidence is to be collected.
• Identify, seize and secure all electronic devices, including personal ones used at work. (Have the employee sign a release or note the type of device and serial number – including the hard drive serial number, if s/he refuses).
• Recognize potential digital evidence in telephones, digital video recorders, other office appliances and motor vehicles.

If the computer is on or the power state cannot be determined:
• Look and listen for indications that the computer is on — e.g., fans running, drives spinning and lit light-emitting diodes (LEDs).
• If you cannot determine the power state of the computer, observe the monitor to determine if it is on, off or in sleep mode.
• Check display screen for signs of data destruction.  Look out for words such as “delete,” “format,” “remove,” “copy,” “move,” “cut” or “wipe.”
• Look for indications that the computer is being accessed remotely and/or signs of ongoing com-
munications with other computers or users — e.g., Instant Messaging (IM) windows or chat rooms.
• Take note of all cameras and determine whether they are active.

Preliminary Interviews
•Separate and identify all persons of interest and record the location they occupied when you entered the scene. Obtain the following information from interviewee(s):
• Purpose of computers and devices.
• All users of the computers and devices.
• Type of Internet access and Internet service provider.
• Computer and Internet user information — e.g., login names, user account names and passwords, and Instant Message screen names.
• E-mail and Web mail (Web-based e-mail) accounts and Web pages.
• Account information for online social networking Web sites — e.g.,  Facebook, LinkedIn
• All security provisions, data access restrictions, destructive devices or software in use.
• Any automated applications in use.
• Any other relevant information.

Documenting the Scene
Your documentation should include:
• The type, location, position, condition and power status of the device.
• A record of all activity and processes visible on the display screen(s).
• A record of all physical connections to and from the computers and other devices.
• A record of any network and wireless components capable of linking devices to each other and the Internet.
• The type, condition and power status of the device’s Internet and network access.
• Video, photos, notes and sketches to assist in recreating/conveying the details of the scene.
(Some computer systems and electronic devices — and the information they contain — may be protected under applicable laws, agency policies or other factors, that may prohibit collection of these devices or components.  That’s when you call in a pro.  However, do include the location, condition and power state of these devices in your documentation.)

Movement of a running computer or electronic device may cause changes or damage to the computer or device or the digital evidence it contains. Computers and electronic devices should not be moved until it is determined by a professional that it is safe to do so. 

In Part II/II we will get into the meat of Evidence Collection.  The instructions we will impart will not be generalizations but rather, actual, working directions.

Our Operatives: A step ahead.

As always, stay safe.

Our Wishes for a Happy Hanukkah

 

May you and your family be blessed with joy, health, happiness and prosperity – Happy Hanukkah!

The BNI team

Report/Don’t Report A Vehicular Accident? Know Your State’s Rules.

car crash2

by Louis C. Amen (Ret., Highway Accident Investigation Squad Detective, NYPD)

Car accidents can and will happen to even the best of drivers.  You may be driving in accordance with the rules of the road but another driver may not, thereby triggering a chain of events that ends in a vehicular collision.

Civilians are responsible for reporting accidents* either to a police officer at the accident scene or to their state’s Department of Motor Vehicles (DMV) central office.  Is there a central source of reporting information by state online?

Yes. We recommend a private site: DMV.org, to determine contact and forms information and then access any state’s DMV via links to the agency’s services such as obtaining one’s driver’s abstract, re-registering a vehicle, obtaining accident reporting forms, etc. (For example: If you wish to report a vehicular accident directly to the DMV in Alabama, select Alabama as the state of inquiry, and DMV.org will redirect you to the crash report request form).

*Depending on your states rules and regulations. See below.

Is is mandatory to report a vehicular accident?

1. Personal injury/property damage not involved: Possibly. The requirement to report a vehicular accident is based on the individual state’s directives regarding collision reporting and the necessity is generally based on the vehicle damage estimate. E.g., in NYS, it is not necessary (although allowed) to report an accident in which the projected cost of damage is less than $1,001.00.

2. Personal injury/property damage (excluding vehicle) involved. Yes.  A report of the crash incident is required in all states, when personal injury has occurred to any parties involved, including pedestrians, bicyclists and others absent participation in the original vehicular collision.

What information should I obtain at an accident scene wherein police were not notified?

From the driver involved:

  • Driver’s full name and current and policy address
  • Registrant information – name and current and policy address
  • Insurance information, including insurance company name and code, policy number and policy period
  • Telephone number(s) of all involved
  • Email information or all involved
  • Emergency or “other notification” contact information for all involved
  • Name and contact information for all vehicle occupants, others involved in the collision and witnesses.
  • Photos (to include full vehicle and areas of damage shots, of the parties involved and relevant ground markings and street signs and traffic devices that may be present at the location, to include but not limited to traffic lights, traffic signs, crossing guards…)

What are the relevant traffic accident forms I may need? (Using NYS as an example.) 

If an involved party is required or desires to submit vehicular accident reports as, for example, required by your auto insurance carrier, the following documents may be necessary:

  • Traffic accident report form
  • Witness statements
  • Liability release
  • Waiver of financial responsibility

– If you are in an accident in NY involving only property damage, New York State Vehicle and Traffic Law requires you to stop and exchange information with the involved drivers.

– If a parked vehicle or other property is damaged, or a domestic animal is injured, you must locate the owner or contact the police.

Important facts regarding vehicular collisions in New York State (yes, this includes, New York City):

  • If property damage of any person is $1,001 or more all the involved drivers are required by the NYS Vehicle and Traffic Law to file a Report (MV 104).
  • If the report is required per the above criterium, then said report must be submitted to the NYS DMV within 10 days post-incident.
  • DMV can suspend your driver’s license if you fail to report an accident.
  • If person is injured or killed, you are required by the NYS Vehicle and Traffic Law to immediately report the collision to the police and you may not leave the scene unless directed by police.
  • It is a crime to leave the scene of an accident that causes personal injury or death.
  • The DMV does make or assist in liability determination of a vehicular accident.

How do I obtain a copy of an accident report form?

  • You can obtain the form online – again, we suggest you use the DMV.org site.
  • Go in person to the local police agency and or precinct where accident occurred and request a blank form and instructions.

I realize that people are understandably upset and distracted when a collision occurs.  By remaining as calm as possible and employing basic common sense, you should be able to arrive at a decision based on the facts before you in determining whether to report an accident on scene or privately afterwards.  When in doubt, or substantial property damage and or injuries are involved, call 911.

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Federal and State FOIA Request Tips & Info.

foia process2

Before submitting a FOIA request, we suggest the following tips to expedite the information return: (We are citing US DOJ regulations.)

1. Research the agency’s website for the information you are seeking. (FOIA requires that federal agencies release certain information automatically, without the need for you to make a request so before you put in the effort to obtain that which is readily and immediately available. check the agency’s site.)

2. Create and submit a pre-printed FOIA request form on your firm’s letterhead.  (There is no specific form that must be used to make a request. The request simply must be in writing, reasonably describe the information you seek, and comply with specific agency requirements. Most federal agencies now accept FOIA requests electronically, including by web form, e-mail or fax.)

3. Follow up in five to six weeks post request submission if you have not received the information sought.  (The time it takes to respond to each request varies depending on the complexity of the request itself and the backlog of requests already pending at the agency. In some circumstances, the agency will be able to respond to the request within the standard time limit established by the FOIA – approximately one month. In other instances more time may be needed before the request can be completed. When an agency requires an extension of time, it will notify you in writing and provide you with an opportunity to modify or limit the scope of your request. Alternatively, you may agree to a different timetable for the processing of your request.)

Obtaining FOIA records (contact information):

For Federal Agency Records: From the Department of Agriculture to the Tennessee Valley Authority to the USPTO:   here.

For State Agency Records: Research the agency’s contact information independently as there is no there is no central state-by-state agency FOIA office registry (given the varying agencies by state) and then avail yourself of the following useful tools:

Happy hunting!

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Follow

Get every new post delivered to your Inbox.

Join 212 other followers