Sunday, May 12, 2013

Privacy Breach on Bloomberg’s Data Terminals

From:  NY Times 

May 10, 2013

By AMY CHOZICK and BEN PROTESS
A shudder went through Wall Street on Friday after the revelation that Bloomberg News reporters had extracted subscribers’ private information through the company’s ubiquitous data terminals to break news.

The company confirmed that reporters at Bloomberg News, the journalism arm of Bloomberg L.P., had for years used the company’s terminals to monitor when subscribers had logged onto the service and to find out what types of functions, like the news wire, corporate bond trades or an equities index, they had looked at. Bloomberg terminals, which cost an average of more than $20,000 a year, are found in nearly every banking and trading company.

Bloomberg said the functions that allowed journalists to monitor subscribers were a mistake and were promptly disabled after Goldman Sachs complained that a Bloomberg reporter had, while inquiring about a partner’s employment status, pointed out that the partner had not logged onto his Bloomberg terminal lately.

The incident led to broader concerns about the line at Bloomberg between its lucrative terminal business and the hypercompetitive newsroom, threatening to undermine the credibility of both. In a secretive world that thrives on opacity, traders and financial firms jealously guard every speck of information about their activity to avoid tipping their hand on their trades and investments.

“On Wall Street, anonymity is critically important. Secrecy and the ability to cover one’s tracks is paramount,” said Michael J. Driscoll, a former senior trader at Bear Stearns who now teaches at Adelphi University. He added: “If Bloomberg reporters crossed that line, that’s an issue.”

The news gathering technique appears more widespread than the Goldman incident, which was first reported by The New York Post. A preliminary analysis at Bloomberg revealed that “several hundred” reporters had used the technique, a person briefed on the analysis said. (Bloomberg employs more than 2,400 journalists worldwide. A spokesman declined to comment on the analysis and said no reporters had been fired.)

There are also fears that the monitoring may have gone beyond Wall Street. Banking regulators at the Federal Reserve are examining whether their own employees were subject to tracking by Bloomberg reporters, according to people briefed on the matter. A spokeswoman for the Fed declined to comment.

There are now more than 315,000 Bloomberg terminal subscribers worldwide who rely on the desktop computer for research, trading, communication and a constant stream of financial information and news.

But as it turned out, what the subscribers were doing was not always confidential. Bloomberg reporters used the “Z function” — a command using the letter Z and a company’s name — to view a list of subscribers at a firm. Then, a Bloomberg user could click on a subscriber’s name, which would take the user to a function called UUID. The UUID function then provided background on an individual subscriber, including contact information, when the subscriber had last logged on, chat information between subscribers and customer service representatives, and weekly statistics on how often they used a particular function. A company spokesman said both of those functions had been disabled in the newsroom.

Terminals never allowed journalists to see specific securities or trades, but even general hints of what users are searching could provide a glimpse into Wall Street’s thinking — powerful currency in the competitive world of financial journalism. Daniel L. Doctoroff, chief executive of Bloomberg L.P. and a close confidant to the company’s founder, Michael R. Bloomberg, said in a memo to employees that “client trust is our highest priority and the cornerstone of our business.” Mr. Bloomberg stepped away from day-to-day operations when he became mayor of New York City.

Last month, the company further centralized its data security efforts, including appointing Steve Ross, a senior executive, to the newly created role of client data compliance officer.

“To be clear, the limited customer relationship data previously available to our reporters never included access to our trading, portfolio, monitor, blotter or other related systems or our clients’ messages,” Mr. Doctoroff said. He posted a damage control message to clients on the Bloomberg terminal and blog, calling the reporting practice a “mistake.”

Similar problems, which became public on Friday, started at JPMorgan Chase last summer, when the bank suffered a multibillion-dollar trading loss. Some Bloomberg reporters called the bank, people briefed on the call said, to question whether the traders responsible for the loss had been fired. They cited the fact that the traders had gone silent on the terminal. The bank, the people said, objected to the reporting technique, but did not formally reach out to Bloomberg executives to complain. Yet bank officials soon discovered that other Bloomberg reporters were using the approach on other stories unrelated to the trading loss.

When Goldman raised the issue with Bloomberg last month, the media company dispatched senior sales executives to Goldman’s Lower Manhattan headquarters, according to people briefed on the matter. The Bloomberg officials assured top bank executives, including Gary D. Cohn, the firm’s president and chief operating officer, that the problem would be resolved. “We brought this matter to the attention of the news organization, and senior management at the company assured us that they were taking immediate measures to address the problem,” a bank spokesman said.  MORE

No comments:

Post a Comment