Hacker News new | past | comments | ask | show | jobs | submit login

From what I recall all activity is logged. We also had numerous external databases/tools that were essentially API connections to reduce the number of separate logins we'd have to do, and each of those databases had their own audit mechanisms. Long before we ever had Palantir in my department, we did have an employee who had misused a database for personal reasons. They were initially terminated but that was undone upon appeal. They were reprimanded either way and lost access to various tools/databases going forward for a long time. I know of many stories of police, for example, getting fired for abusing the NCIC databases for personal gain. Sadly it often falls on the agencies to self-police these issues, and most don't have anyone dedicated to this effort. So it really falls on the first line supervisors, of which some are great about it and some couldn't be bothered. I am of the opinion that all security, intelligence, and LE agencies should have an internal team solely focused on audit & review actions for internal abuse/misuse/privacy concerns, but that is a minority opinion from my experience.

From what I recall all activity is logged.

My apologies in advance to offtopic haters. But this is too good to overlook. Did anybody else notice how this question relates to the origin of the name?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact