Privacy and Public Records
- EPIC, Domestic Violence Advocates, seek to protect privacy in court records.In commentsto the District of Columbia Superior Court, EPIC's domestic violence and privacy projectand several DC domestic violence advocates recommended strong privacy protections for online court records. Domestic violence survivors face several risks from online court records. Data brokers mine these records to resell and build profiles on individuals. The 2005 Violence Against Women Act (VAWA)protects key domestic violence information. The comments recommend a policy that follows VAWA, respects well-established privacy principles, and still permits convenient online access. Individuals should have control over whether their records are placed online. Data brokers should be restricted from accessing records via legal and technical measures. Online record usage should be for limited uses and be accessible only via a password-based login system. (Oct 19.)
- EPIC Comments on Private Data in Court Files.In commentsto the Florida Courts, EPIC recommended that court files be scrubbed of identifiers such as the Social Security Number, date of birth, and telephone number. EPIC argued that, "Court records are becoming the fodder for dossiers on Americans," and that commercial data brokers are eroding the privacy rights of individuals by pour data into court files. For more information, see EPIC's Public Recordsand Choicepoint Pages. (Feb. 28, 2006)
- SSNs, Other Data Should Be Scrubbed from Court Files.In commentsto the federal judiciary, EPIC called for changes to procedural rulesto shield personal information in court files from commercial data brokers. Commercial data brokers employ stringers to harvest personal information from court files, and then resell the information. Court files are becoming the fuel for dossier-building on Americans, and courts must accept the responsibility for shielding data from misuse. (Feb. 15, 2006)
- EPIC Comments on Privacy of PA Court Records.In comments(also available in pdf) to the Pennsylvania court system, EPIC urged records custodians to protect personal information contained within court records. Court records contain sensitive personal information, including Social Security numbers, and these records increasingly are being used to build dossiers on individuals. Any person may comment on the proposed public access policyuntil November 17, 2005. (Nov. 9, 2005)
- FL Committee Recommends Regulation of Data Brokers.Florida's Committee on Privacy and Court Records has issued recommendationsto reduce the privacy risks posed by court records. The first recommendation, which passed unanimously, urges the Florida legislature and Congress to comprehensively regulate commercial data brokers. The group also recommended that the courts allow anonymous access to records, and that courts minimize the amount of information they collect from individuals. Many of these positions were recommended by EPIC(pdf) in a submission that showed that Florida's records policies made the State's citizens subject to extraordinary profiling by data brokers such as Choicepoint. For more information, see EPIC's Choicepointpages. (Aug. 18)
- EPIC Recommends Protections for Public Records.In comments(pdf) to a committee formed by the Florida Supreme Court, EPIC recommended protections for personal information that appears in public records. EPIC advised that personal data in public records are being commodified for purposes unrelated to government oversight. (Oct. 29, 2004)
Public records are materials that are open to inspection by any person. The definition of what records are public varies depending on state and federal law. The definition may include government contracts with businesses, birth, marriage, and death records, court files, arrest records, property ownership and tax information, minutes of meetings of government entities, driver's license information, occupational licenses, and Securities and Exchange Commission filings.
Many of these public records contain individuals' personal information. This personal information is required to be divulged when citizens interact with state or federal bureaucracies for the purpose of administering voting, public benefits, and privileges. However, once a record becomes public, there is generally no restriction on the purpose for which the personal information contained within the record is used. The availability of this information without restriction on use exposes individuals to risks and annoyances:
- Public records information is used by commercial profilers for marketing and targeted advertising. Sometimes public records information is used by predatory businesses to target persons with credit or bankruptcy problems.
- Public records are compiled by private entities and then sold back to government law enforcement agencies as detailed dossiers. These dossiers can contain errors that result in someone being falsely identified as a criminal. In several cases, individuals have lost their jobs based on false information in public records.
- Government can use public records in order to discriminate against certain populations. For instance, during World War II, census records were used to facilitate the internment of Japanese Americans.
- Public records may contain all the information necessary to perpetrate identity fraud.
- "Pretexting," the practice of posing as another person in order to obtain financial records or other private information, is made possible by the availability of personal information in public records.
- "Social forgiveness," the principle that over time a citizen's crimes are forgiven, is diminished. While individuals may petition a court to expunge a criminal record, if a notation of the crime exists in a private database, the individual may still be marked as a criminal by profiling companies or employers. This principle--that one can be born again in America and leave mistakes in the past--can be eliminated through a system that culls, categorizes, and commercializes human behaviors.
As a society, we need to reevaluate how the personally identifiable information contained within public records can be used. Clearly, a free society demands a robust right of access to public records in order to assure accountability of public officials and government. This robust right must facilitate citizen access to records, not just access to those with resources and expertise in obtaining government records. A system must be established that ensures legitimate uses--journalistic, historical, and educational--of public records while still preserving privacy protections for personal information.
In Fall 2000, the Administrative Offices of the United States Courts (AOUSC) requested comments from the public on its plans to provide remote electronic access to federal court files. With few exceptions, courts files are considered public and there are no legal barriers to their dissemination or to the dissemination of the personal information within the files.
While court files always have been public, they were considered to enjoy "practical obscurity." That is, the records were stored in such an inaccessible fashion that only the determined and resourceful could obtain them. To this day, most records probably are stored at the local level on different types of media (paper, magnetic tape) and are indexed with varying degrees of accuracy and usefulness.
Court files contain a wealth of personal information. For instance, bankruptcy filings, which are required by statute to be public, contain personal identifiers and detailed information on the petitioner's assets. Civil case files may contain medical information and detailed information on spousal infidelity and abuse. Criminal case files may contain presentencing reports and the identity of officers and witnesses in criminal investigations.
The AOUSC recognized that remote electronic access to this information could result in invasions of privacy and in security risks to witnesses and litigants. Accordingly AOUSC requested comments from the public on civil, criminal and bankruptcy case files.
EPIC filed comments with AOUSC and testified to a committee of the Judicial Conference on the privacy issues implicated by remote electronic access to case files. The challenge was to formulate a scheme that guarantees robust access to public records while also preventing unwarranted invasions into the personal matters of litigants and witnesses. To reach this goal, EPIC commented that in the context of civil case files, personal identifiers should be redacted. In the context of criminal case files, sensitive information such as pre-indictment documents, presentence reports, plea agreements, and unexecuted warrants should not be available to the public. Last, in the context of bankruptcy files, EPIC commented that personal identifiers should be collected on a separate form that was not available to the public.
Overall, more than 250 comments were received by the AOUSC, and the body released a policy in September 2001 that included important provisions for the protection of personal information. These included the redaction of personal identifiers in civil and bankruptcy cases, a delay in providing remote electronic access to criminal files, and Social Security cases were excluded from electronic access.
The AOUSC recommendation on electronic access to case files only applies to the federal courts. The states have different laws and policies on what court files are public and the extent to which they are available electronically.
In 2002, the National Center for State Courts requested comments on a model policy for public access to court records. State court records are more likely to contain information that could be stigmatizing. Family court issues, mental health cases, and domestic abuse cases are all handled in state courts.
In April 2002, the New York State Court system created a committee to study public access to court records.
- EPIC Commentson Public Access to Electronic Case Files.
- AOUSC Electronic Case File Privacy Page.
- AOUSC Request for Comments on Electronic Case File Access.
- Comments receivedby the AOUSC.
- PACER: Public Access to Court Electronic Records.
- National Center for State Courts Public Access to Court Records Page.
- National Center for State Courts Public Access to Court Records Model Policy Comment Page.
- Maryland Committee on Access to Court Records.
- California Access to Court Records, California Court Rules.
- Arizona Public Access to Court Files Page.
- Iowa Courts Online.
- Dirty Laundry, Online for All to See, New York Times, September 5, 2002.
- New Jersey High Court Retreats From Posting Records on Web, Law.com, July 1, 2002.
- Federal Courts To Permit Web Access To Criminal Records, Newsbytes, May 7, 2002.
- Group to Study Privacy Impact of Posting New York Court Records Online, Law.com, April 29, 2002 (cookies required).
- Commission to Examine Future of Court Documents on the Internet, New York Courts Press Release, April 24, 2002.
Public Access to Electronic Court Records and Competing Privacy Interests, Judgelink, 2001.
- New Rules Expand Public Access to Electronic Trial Court Records, Judicial Council of California, December 18, 2001.
Fed Courts May OK High-Tech Filing, Los Angeles Times, December 3, 2001.
- Judges OK New Rules On Privacy, Court Records Online, Newsbytes, September 19, 2001.
- Peter C. Alexander and Kelly Jo Slone, Thinking About the Private Matters in Public Documents: Bankruptcy Privacy in an Electronic Age, 75 Am. Bankr. L.J. 437, Fall 2001.
- Judges Want Criminal Cases Pulled From Web Court Records, August 15, 2001.
- Panel Stirs Privacy Debate Over Online Court Records, March 16, 2001.
- Open Court? As courthouses rush to put filing online, easy access to legal documents has many worrying about privacy rights, ABA Journal, April 2001.
- Privacy Groups, Journalists Clash Over Court Records Database, Newsbytes, January 29, 2001.
- Group Calls For Privacy Review Of Court Records Database, Newsbytes, January 26, 2001.
This personal information often is used to build complex profiles of citizens and their likely voting behaviors. Aristotle, a company that creates voter profiling software, sells databases of voter information that includes name, address, phone number, donation history, and party affiliation. The company also sells tools to track voter correspondence with elected officials.
- Privacy and Online Politics: Is Online Profiling Doing More Harm Than Good for Citizens in Our Political System, Center for Democracy and Technology.
- Aristotle, voter profiling company.
- Botched Name Purge Denied Some the Right to Vote, Washington Post, May 31, 2001.
A number of commercial profilers sell public records information to government law enforcement agencies. An April 13, 2001 article in the Wall Street Journal reported that profiling company ChoicePoint provided personal information to at least thirty-five government agencies. EPIC has filed a series of Freedom of Information Act requests to determine the nature and amount of information sold to government. To date, EPIC has determined that ChoicePoint has several multi-million dollar contracts with law enforcement agencies to sell personal data. In addition, Experian, a credit reporting agency, sells personal information to government agencies for law enforcement purposes.
In January 2002, EPIC filed suit in Federal District Court to compel agencies to respond to the FOIA request for documents on ChoicePoint and Experian.
Profiling data is sometimes abused by law enforcement agents. In January 2001, a 12-year veteran of the Drug Enforcement Agency, Emilio Calatayud, was charged with selling personal information from police databases. Calatayud made thousands of dollars by selling the personal information to private investigators from the National Crime Information Center (NCIC), California Law Enforcement Telecommunications System (CLETS), and the Narcotics and Dangerous Drug Information System (NDDIS) databases. On the first day of this trial in February 2002, the DEA agent skipped bail and is at large.
In January 2002, a New York Jury awarded $450,000 in damages to an individual who lost a job opportunity because his profile contained a false criminal conviction. In that case, the judge found that ChoicePoint either intentionally maintained substandard procedures for verifying accuracy of data or should have known that its procedures were substandard under the Fair Credit Reporting Act. Obabueki v. IBM, 145 F. Supp. 2d 371 (2002).
In April 2002, private-sector profilers met to discuss how they could compile consumer information for terrorist risk profiling and sell it to the government. That meeting, organized by the Center for Information Policy Leadership (CIPL), was attended by a number of companies that are attempting to sell their marketing products for anti-terrorism purposes.
In May 2002, FBI agents Lynn Wingate and Jeffrey Royer were indicted on fraud charges relating to use of government databases. The FBI agents allegedly used their access to agency databases to provide information on companies for stock manipulation purposes. One agent allegedly searched the NCIC database and used information contained within it to smear a company executive and lower stock prices. Both allegedly used confidential FBI databases to monitor government investigations of the other stock manipulators.
- EPIC Complaint in EPIC v. Dept. of Justice et. al.
- Press release in EPIC v. Dept. of Justice et. al., January 15, 2002.
- ChoicePoint, a profiling company. ChoicePoint operates a number of websites devoted to law enforcement access to personal information, including ChoicePoint Online for the FBI, ChoicePoint Online for the INS, ChoicePoint Online for HUD, and ChoicePoint Online for the Government.
- Mexico claims ChoicePoint stepped across the line, Atlanta Journal Constitution, April 27, 2003.
- DEA data thief sentenced to 27 months, SecurityFocus, December 18, 2002.
- Top 10 List of Police Database Abuses, TechTV, June 11, 2002.
- Five, Including F.B.I. Agents, Are Named in a Conspiracy, New York Times, May 23, 2002.
- FBI Agents Indicted for Fraud Scheme, New York Times (AP), May 23, 2002.
- Police Records For Anyone's Viewing Pleasure, Washington Post, May 23, 2002.
- Big Apple: Jury Awards $450,000 Against ChoicePoint, Privacy Times, March 13, 2002.
- Greg Palast, Ex-Con Game, How Florida's "Felon" Voter-Purge Was Itself Felonious, Harper's Magazine, March 2002, p. 48-49.
- Letter from the Center for Information Policy Leadership to Private-Sector Profilers.
- Accused DEA Data-Thief On the Lam, Businessweek, February 12, 2002.
- ChoicePoint Breach (II), Privacy Times, January 30, 2002.
More Online Security Woes For FBI's Data Firm, Newsbytes, January 28, 2002.
- Data Collectors Need Surveillance, Too, Businessweek Magazine, January 24, 2002.
- E-Legal: Uncovering Alleged Government Purchases of Electronic Personal Data, Law.com, January 22, 2002.
- Data Firm Exposes Records Online, Wired, January 22, 2002.
- Commercial Database Use Flagged, Federal Computer Week, January 16, 2002.
- Greg Palast, The Best Democracy Money Can Buy, Pluto Press (2002).
- Senate should ask FBI nominee Mueller about privacy, EPIC says, Declan McCullagh's Politechbot.com, July 27, 2001.
- EPIC Letter to the Senate Judiciary Committee, EPIC Web Site, July 26, 2001.
Botched Name Purge Denied Some the Right to Vote, Washington Post, May 31, 2001.
- My FBI File, Richard Smith Tipsheet, Privacy Foundation, May 11, 2001.
- What They (Don't) Know About You, Wired, May 11, 2001.
- FBI's Reliance on the Private Sector Has Raised Some Privacy Concerns, Wall Street Journal, April 13, 2001 (subscription required).
- FBI turns to private sector for data, MSNBC.com (WSJ), April 13, 2001.
- How ChoicePoint serves up your personal info to the FBI, Declan McCullagh's politechbot.com, April 13, 2001.
- DEA Agent Charged With Selling Data, Security Focus, January 22, 2001.
- Florida's flawed "voter-cleansing" program, Salon.com, December 4, 2000.
- Online Trove of Property Data Is Raising Concerns in Nassau, New York Times, September 27, 2002.
- Outdated Systems Balk Terrorism Investigations FBI, for Example, Couldn't Track Flight School Data, Washington Post, June 13, 2002.
- Firms Dig Deep Into Workers' Pasts Amid Post-Sept. 11 Security Anxiety, Wall Street Journal, March 12, 2002 (subscription required).
- Push to Close Autopsy Files Reaches Md., Washington Post, January 18, 2002.
- Judge rules New Jersey cannot post addresses of sex offenders, Nando Times, December 7, 2001.
- California sells birth records of its citizens, Politechbot, December 5, 2001.
- Accessing Public Records in the Digital Age, Slashdot, December 4, 2001.
- State sells birth data to Web site, raising ID theft fears, Mercury News, November 28, 2001.
- Who Wants to Be an Oregonian?, Slashdot, November 28, 2001.
- Alleged ID Theft in Oregon Could Could Affect Thousands in Oregon, Yahoo News, November 27, 2001.
- Partial Ban Asked for Records on Net, Law.com, November 26, 2001.
- Connecting the Dots Between Public Records Databases, Privacy Foundation, August 28, 2001.
- As Public Records Go Online, Some Say They're Too Public, New York Times, August 24, 2001.
- How Public Should Public Records Be?, Slashdot, August 24, 2001.
- Customer Data Means Money, Information Week, August 20, 2001.
- FOI Material Limited by State Copyright, Tech Law Journal Daily Report, August 7, 2001.
- Identity Thieves Thrive in Information Age: Rise of Online Data Brokers Makes Criminal Impersonation Easier, Washington Post, May 31, 2001.
- Lawmakers Try To Seal Officials' E-Mail, Net Records, Newsbytes, March 23, 2001.
- Md. Woman Caught in Wrong Net; Data Errors Link Her to Probes, Costs 3 Jobs, Washington Post, December 15, 1997.
- Daniel J. Solove, Access and Aggregation: Public Records, Privacy, and the Constitution, 86 Minnesota Law Review 6 (2002).
- Daniel J. Solove, Privacy and Power: Computer Databases and Metaphors for Information Privacy(MS Word Format), 53 Stanford Law Review 1393 (2001).
- Jeff Hatch-Miller, Question of Privacy, Governing Magazine, February 1, 2001. Representative Hatch-Miller is a Republican in the Arizona House. He has provided a framework for protecting public records that includes Fair Information Practices (FIPs).
- Mary Jo Obee & William C. Plouffe, Jr., Privacy in the Federal Bankruptcy Courts, 14 Notre Dame Journal of Ethics and Public Policy 1011 (2000).
- Roger Clarke, Privacy and 'Public Registers,' May 11, 1997. In this article, Professor Clarke argues that public records should not be treated differently than other files containing personal information.
- Robert Gellman, Public Records: Access, Privacy, and Public Policy, April 21, 1995.
- Erik Larson, The Naked Consumer: How Our Private Lives Become Public Commodities, Henry Holt (1992).
- Oscar Gandy, The Panoptic Sort: A Political Economy of Personal Information,1993.
- Robert Ellis Smith, Ben Franklin's Web Site: Privacy and Curiosity From Plymouth Rock To the Internet, 2000.
- Los Angeles Police Department v. United Reporting Publishing Corp ., 528 U.S. 32 (1999). In LAPD, the Court denied a First Amendment challenge to a statute that limited commercial access to arrest records. The statute allowed public access to the records for scholarly, journalistic, political, and governmental purposes.
- Los Angeles Times v. County of Los Angeles , 956 F. Supp. 1530 (C.D. Cal. 1996). In Los Angeles Times, Los Angeles County has created a system that provided public access to civil case information. The LA Times newspaper sought free access to the system, claiming that charging for access violated the First Amendment. The court held that the system did not comprise court records and that the First Amendment had not been violated.
- Nixon v. Warner Communications, Inc ., 435 U.S. 589 (1978). Nixonrecognized the common law right to access court case files. The Court held that the right was limited where "court files might have become a vehicle for improper purposes."
- Whalen v. Roe , 429 U.S. 589 (1977). Whalenrecognizes an individual interest in avoiding disclosure of personal matters. In that case, citizens challenged a record-keeping system where a database was maintained of individuals who had prescriptions to addictive drugs. The Court held that the collection of such data carried with it a responsibility to avoid unwarranted disclosures.
- Cowley v. Pulsifer, 137 Mass. 392, 394 (1882). In Cowley, Justice Holmes wrote that access to court records ensures: "that those who administer justice should always act under the sense of public responsibility, and that every citizen should be able to satisfy himself with his own eyes as to the mode in which a public duty is performed.
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a by-monthly newsletter highlighting emerging privacy issues.