California Court Posts SSNs, Medical Records

Lucas123 writes "California's Riverside County Superior Court's Web site is serving up document images containing SSNs and detailed medical records relating to civil cases, according to a couple of privacy advocates. All of the documents are free to anyone who knows where to look for them. 'Searches done on the court's Web site turned up various documents related to civil cases that contained sensitive information. Included were complete tax filings, medical reports pertaining to cases handled by the court, and images of checks complete with signatures as well as account and bank-routing numbers.'"

Individuals are the only ones who care

[rbanzai]

Only YOU care if your information is made public. There is absolutely no reason for any public or private organization to give a shit, and they make that evident over and over. Until it is more cost effective for them to protect the info than to leak it they will continue to do so. And that's never going to happen.

Enter legislation

[Nerdposeur]

Until it is more cost effective for them to protect the info than to leak it they will continue to do so.

Which is why we need legislation that will fine them for releasing that information.

Another idea would be to demote the person who made the decision to post that stuff publicly to Official Identity Theft Aftermath Cleanup Technician.

SCrubing SSN's is not the answer

[geekoid]

the answer is to stop using them for credit scores and ID.

Easily predicted

[NaCh0]

The more you tell your life to government (and anyone really), the more it will find it's way into general knowledge. This is one of the reasons I'm against any "universal" government program. Heck, it doesn't even have to be medical records. Think back to the recent passport flap with high profile politicians. The government is not looking out for you.

Re:SCrubing SSN's is not the answer

[Bryansix]

This is exactly the correct point. A SSN does tie to a single person but it shouldn't be used to authenticate that the person serving it up really is the person tied to the SSN. Real authentication needs to take place. Shoot, I'd rather have to give my fingerprint if it meant I wouldn't have my identity stolen.

Furthermore when an ID is stolen, the company that let the theif sign up for credit in someone elses name should be fined and scrutinized for further possible fraud. We need to make the companies who offer credit accountable that they are authenticating people correctly before adding crap onto their credit records.

Why do we tolerate the civil court system?

[dloyer]

It only exists to make money for lawyers.

If you have ever been unlucky enough to be involved with a lawsuit, you know how greedy and "entitled" these "officers of the court" are.

Cost/Benefit. They don't cost, and do benefit.

[Behrooz]

Unfortunately, all of the costs of identity fraud are borne by the consumer, while all of the benefits of quick/insecure identification are reaped by the lending industry.

Strong and secure methods of identification and verification need to make their way into the financial world, but changing the existing infrastructure is expensive, so it isn't going to happen. At least, not until some enterprising individual has their identity stolen and successfully manages to sue the lending industry for fraud...

Remember kids, wikileaks=wrong, us courts = OK

[plasmacutter]

Remember kids, if you are a public interest blog, you are gagged for simply having the POTENTIAL to release this information.

It's perfectly ok though for the federal government to actually do it.

Re:Why do we tolerate the civil court system?

[Vegeta99]

So what was I supposed to do about the bitch that hit my car last year, never told her insurance company, and the cops wouldn't do shit about it? Sit on my thumb and rotate? Go blow up her car?

Re:Enter legislation

[jlarocco]

Which is why we need legislation that will fine them for releasing that information.

WTF? We're in bad shape when a "There should be a law..." post gets rated Insightful

Making a new law isn't going to help anything. It's against the law to kill people and smoke pot, but it happens all the time. Sure, the companies will pay some tiny fine as punishment, but that doesn't really solve the problem of "Your private info was just given to scumbags".

The only way to make companies stop losing information is to boycott them on a gigantic scale when they do. When they "misplace" your info and their revenue drops 75%, they'll pay attention and make sure it doesn't happen again.

I realize getting enough people to boycot is 100x harder than passing a worthless law, but it's the only way that would work. At some point people have to take responsibility for themselves and say "I'm not doing business with a company that will lose my data." If people can't be bothered to avoid unsafe businesses, the businesses aren't going to bother being safe.

So good luck with your law, but my money is on it not making a difference.