In today's digital age, data privacy and cybersecurity have become critical concerns affecting every citizen. Whistleblowers play a vital role in exposing corruption and protecting public interests, often at great personal cost. We're honored to introduce Danielle Spencer, a leader in the U.S. Federal government whose career took an unexpected turn when she stood against corruption.
With over two decades of experience in business, finance, and acquisition management, Danielle brings a wealth of knowledge to the table. Her academic background includes two Master's degrees and certifications in Information Assurance and Project Management. Danielle's journey from respected government employee to whistleblower and privacy rights advocate offers unique insights into the challenges faced by those who speak out against misconduct within powerful institutions.
In this interview, we'll explore Danielle's experiences and insights on whistleblower retaliation, data theft, and "digital assassination." Her story highlights the personal courage required to stand up for one's principles and raises important questions about privacy, security, and ethical governance in our digital world.
1. What initially motivated you to become a whistleblower, and how did this decision impact your career and personal life?
I was raised by moral, ethical and law-abiding parents. Growing up, they surrounded me and my siblings with moral, ethical and law-abiding adults. My interactions with corruption were minimum at best; what I learned about crime and corruption was mostly from television, and in the world of TV, the bad actors are punished most of the time. Therefore, it was second nature to me to raise awareness to behaviour and actions that I thought violated either federal or state law or government policy. It never occurred to me that raising these issues would give me the label of a whistleblower.
I believe that my decision to report these issues has resulted in me, and people close to me, being retaliated against. From a career perspective, I believe that I have been ‘blackballed’ in the IT field; thus, I have been unable to be promoted or obtain other employment opportunities. In my personal life, I believe that I am under constant surveillance; every move that I make is always scrutinized in an effort to find mistakes or errors. In my Digital Assassins book series, I have documented many of the retaliation occurrences I have endured.
This decision has also caused me to be much more active and vigilant in fighting for the rights of U. S. citizens. In 2023, I started giving lectures and discussions concerning whistleblower retaliation, privacy violations and data theft. I plan to continue these efforts, in addition to enacting legislative changes and running for a local elected office.
2. Can you explain the concept of "digital assassination" and why it's a growing concern in today's interconnected world?
Digital Assassination is a process, used by bad actors, to destroy (or kill) someone using digital methods or technology. This could include: ‘killing’ a person’s character by creating false audio or video tapes of them saying things or doing things they never said or did or ‘killing’ someone’s financial standing/status by creating fake debts, electronically causing their bank account to be overdrawn, interfering with the tax administration process and/or providing false information to creditors or credit reporting bureaus.
Digital assassination is or should be a growing concern both because technology is constantly evolving, and because current laws do not protect citizens. For example, many organizations are moving towards electronic record keeping. While this could be more efficient and more environmentally friendly, this also provides an opening for bad actors to digitally assassinate people. For people who do not keep paper records, a company or a debt collection company can double and triple bill people, saying they have an outstanding bill that is being sent to collections, even though the customer has already paid the bill. Without paper records, both the company and customer must rely on electronic records – which can be manipulated. Therefore, current laws need to be updated to reflect that most records are stored electronically; meaning the timeframe to collect a debt should be shortened to months – not years.
3. How has your background in information assurance and cybersecurity influenced your approach to exposing government misconduct?
In general, the fields of information assurance (IA) and cybersecurity refer to the set of programs, protocols, laws, etc. designed to protect data, systems, networks and devices. Having this general background knowledge, helped me to identify when certain events occurred that would or should be in violation of any organization, to include government entities, IA program. For example, the Internal Revenue Service (IRS) has specific policies regarding Freedom of Information Act (FOIA) requests, when tax records are accessed, when a form 11377 should be completed, and the length of time that specific forms and documents should be stored. The information involved in each of these areas is stored in a system. Therefore, when I received an ACSWeb Report from the IRS, dated June 22, 2022, showing several forms being processed against my tax account, I knew that I should’ve been able to obtain copies of these forms using the FOIA process.
After following this process and being told that no records were found, I believed that something was wrong. From an IA/cybersecurity perspective, if a report is generated stating that certain information is available, yet, that information cannot be displayed when specifics are asked, there is a strong possibility of a system security violation that needed to be reported and addressed – which is why I reported these incidents.
4. In your experience, what are the most significant legal and policy gaps regarding whistleblower protection and data privacy?
Based on my experience, many of the laws and policies that are in place can protect whistleblowers – they just aren’t followed. What I believe is missing is a national organization, hotline, and media outlet for whistleblowers, very similar to those that are available to people who have been the victim of domestic abuse. There are many organizations established that can assist whistleblowers, but they are not well known, or funded. I only learned about these organizations years AFTER I became a whistleblower.
Moreover, when a person becomes a whistleblower, almost no one knows that the person has become a whistleblower, except for people in the organization with the pending complaint. From a data privacy perspective, many may think this is a good thing; I don’t. My experience has shown that this could be the worse thing for a whistleblower. It is my belief that because my whistleblower experience was not known, it has allowed various bad actors to retaliate against me with no consequences. However, if there was a national medium, by which I could make my experiences known, I believe that would shine a light on these events making it harder for these bad actors to continue their actions.
5. Your book "Digital Assassins" was inspired by real events. Without compromising any sensitive information, can you share a particularly eye-opening moment from your whistleblowing experience?
There were so many that occurred. However, if I had to choose one category of experiences, it would be the fabrication of documents and events. One specific instance was when a title insurance company created and disseminated a false title search report. This report falsely claimed that the home where I live contained seven (7) liens and judgements totalling over $140,000.00! This was completely false. All of these debts belonged to other people; yet the company was falsely saying that they belonged to me or my parents. While seeing and reading a report with fraudulent information was a shock, the most disturbing things that happened were the response I received from state government officials when I reported the incident (in my opinion, the complaint was basically ignored) and the threat of being responsible to pay attorney’s for the title company – because we had to sue the title company to force them to remove the false data from the report. Based on the responses I received, it made me believe that this is a practice and tactic that had been used on other people.
6. How do you think the weaponization of private data by government entities affects the average citizen, and what can people do to protect themselves?
I believe that the weaponization of private data can lead to a lawless or authoritarian society, where no one has privacy and where people’s private data is used against them. There have been many movies and books, such as The Net, 1984, AntiTrust, and The Handmaid’s Tale, that tell a cautionary tale of what can happen to society when individuals forsake privacy for a false sense of security or to enforce a certain ideal. While I was undergoing my security adjudication, the investigator was seeking to obtain information, such as the existence of ‘illegitimate’ children and sexually embarrassing information; information that I believed not only violated my privacy but information that also could be weaponized against me. It is my belief that if the government was seeking to gather and store this information on me, not only is there a national technical infrastructure to store this information but, that there is or will be an effort to collect and store this information on all U. S. citizens.
Another national example is the effort by certain individuals in the U. S. to ban abortions and medical care for Trans youth. There have been news stories of law enforcement entities seeking to obtain medical records on people to enforce these bans. Regardless of how one personally feels about either issue, a person’s medical records are private data and shouldn’t be accessible for non-medical reasons. In my opinion, this is a perfect example of private data being weaponized by government entities.
To protect ourselves, people first need to be aware of these efforts and gain an understanding that weaponization of private data affects and impacts all of us. Generally, each person should be more vocal and active in advocating for privacy rights. Specifically, people should know what their privacy rights are and file a complaint when any incident occurs that they believe violates their rights.