Privacy lost with the touch of a keystroke?
Personal info is easily accessed online - and privacy laws have yet to catch up.
The highway is packed as you drive home and then a car swerves in front and cuts you off. You jot down the license plate number as the traffic stalls. When you get home, you log onto the Internet, type the plate into publicdata.com, and up pops the owner's name, home address, and driving record.
New neighbors move in across the street. You wonder how much they earn, how old he is, if they're married or just cohabiting. A few clicks on the county court's website and you're privy to the husband's Social Security number, details about his wife, and the fact that he had a financial spat with a local business.
And it is all perfectly legal.
Public records held at the county clerk's office or city hall have always been available for public scrutiny, but to access them you needed to turn up in person between 8:30 a.m. and 4 p.m. Now, in the name of efficiency, many counties are putting their public records online and ending the practical obscurity paper records once offered.
And that's what alarms privacy advocates. It's not just checking out the new neighbors that's at issue. Those public files often contain sensitive personal information - particularly court documents, writes Beth Givens, director of Privacy Rights Clearinghouse, a nonprofit consumer education and advocacy group (privacyrights.org) based in San Diego.
Divorce decrees and child-custody cases can include accusations and allegations - whether true or not. Sexual-harassment cases can play on damaging allegations about the plaintiff's lifestyle or sexual history. Private medical records - not open to public scrutiny - sometimes end up in court documents, and thus online, if an insurance holder sues over payment claims. "It is a common tactic of companies to threaten to bring highly sensitive medical information, as well as other personal matters, into the case in order to discourage the plaintiff from proceeding," Ms. Givens notes.
Then there's identity theft and cyberstalking, both of which are significantly simplified by online access to public records.
Legislators are scrambling to catch up with the implications of this new high-speed access to once-privileged information.
Several federal laws already restrict public access to some types of personal data. The Graham-Leach-Bliley Act limits which institutions can view personal financial data. The Health Insurance Portability and Accountability Act (HIPAA) keeps a tight lid on personal health records. And the Children's Online Privacy Protection Act (COPPA) keeps minors' details off the Internet. But that leaves everything from marriage licenses to land records to bankruptcies filings to be picked over by the public.
The purpose of allowing the public to view these documents is transparency - a way to monitor the judicial system and ensure the equality of its operations.
"The concept of public records is to shine a light on government action and to ensure fairness," says Tena Friery, research director at Privacy Rights Clearinghouse. No one argues with that fundamental tenet of democracy.
Some, however, question whether the objective of keeping government honest cannot be achieved without putting such personal details on the World Wide Web. For instance, Social Security numbers, once described as the "key to your life" and the first thing an identity thief might look for, appear on most official forms and could be blanked out of documents that appear online. But given the expense of going back and redacting thousands of files already online, this isn't always happening.
Virginia resident Betty "BJ" Ostergren, a self-described privacy watchdog, has been following her own state's push toward digitizing public records. "I think it's a stupid, dangerous, reckless venture," she charges.
Two years ago she mailed hundreds of letters to individuals in King William, Scott, and Warren counties. Each person received a list of personal details about him or her that Mrs. Ostergren had culled from the Internet. The response was outrage, she says. Within 24 hours of her letters arriving "all three [Virginia] counties shut down their sites," she says. Two still remain offline.
If the public were more aware, Ostergren insists, few such sites would remain in operation - even if they are legal.
But some legal analysts suggest the tide of Internet exposure may be hard to turn back. It's a generational thing, says Mark McCreary, an attorney at Fox Rothschild in Philadelphia who specializes in Internet privacy issues. He cites Scott McNealy, Sun Microsystems' CEO: "If you're online, you have no privacy."
"As the Internet babies come of age - and Generation Y has had the Internet most of their lives ... there's going to be less and less of an expectation of privacy," Mr. McCreary says. "There may be stringent laws coming out saying what we're going to do with your information, but there are very few laws about what you can actually collect outside HIPAA ... and Graham-Leach-Bliley."
Even something as innocuous as junk mail has its source in public records. For years, counties have sold information in bulk to commercial companies that repackage it and resell it, either to other companies or to individuals.
Advertisers, marketing companies, hundreds of websites offering - for a price - "hard-to-find info about people" are all pulling their data from public records. Commercial background reports often have the option of monitoring an individual for a year, as their database is refreshed with new public records. A singles resort, for instance, uses recent divorce filings to plump up its mailing list.
All of this is legal. But, as America becomes a "dossier society," privacy advocates question how much of this activity still corresponds to the original intent of government oversight.
California is the first state to pass a law, this summer, that requires the consumer be told how personal information collected online will be used. In 2002, the state also enacted a law restricting remote access to files on some types of court cases - such as family law, juvenile, mental health, criminal, and civil harassment - that are available only at the courthouse.
With no federal law addressing access issues, each state and county is left to devise its own approach to public records. The Department of Justice's Office of Justice Programs has, however, produced three guides, including one called "Privacy Impact Assessment for Justice Information Systems," to help coordinate state and local efforts.
In the meantime, public pressure from people like Ostergren has slowed the movement toward online access in some counties and forced a closer assessment.
Laws now under consideration, says McCreary, focus on individuals' rights to see their own files. "It doesn't mean I should know about my neighbor or should know about other people. But I should be able to confirm the info that is there on me to make sure it's accurate and to keep the government in check."
State and county governments are also looking at the type of data collected and reviewing whether all the categories are necessary, McCreary says. Other solutions, privacy advocates say, might include regulating the information broker industry by keeping closer tabs on how personal data are used and by requiring more accountability from private investigators.
But the bottom line, warn some privacy advocates, may be that "old-fashioned" privacy - once defined by Supreme Court Justice Louis Brandeis as "the right to be let alone" - is becoming an anachronism.