California Court Posts SSNs, Medical Records

Lucas123 writes "California's Riverside County Superior Court's Web site is serving up document images containing SSNs and detailed medical records relating to civil cases, according to a couple of privacy advocates. All of the documents are free to anyone who knows where to look for them. 'Searches done on the court's Web site turned up various documents related to civil cases that contained sensitive information. Included were complete tax filings, medical reports pertaining to cases handled by the court, and images of checks complete with signatures as well as account and bank-routing numbers.'"

Use the source, Luke

[BadAnalogyGuy]

Well, the layout and general ugliness of the site gives an indication as to what could possibly be driving the website.

<meta name="GENERATOR" content="Microsoft FrontPage 6.0">

Ah, a clue!

Re:

[Z34107]

Troll?

Either way, this is stuff that Epic Systems of Verona, WI has already done. Their software runs at a lot of hospitals, from the check-in desk to the little dumb terminal in the doctor's office that brings up your charts and records.

They also have a "dashboard" application where you can check your medical records and schedule appointments online. I don't know of any hospital near me that uses that app, but some hospitals advertised the online features they got from Epic on television.

BZZZT... thankyouforplaying...

[Gription]

Your all looking at the wrong server. (not to mention RTFA...) The article isn't talking about medical records systems or doctor/hospital systems. The abstract clearly says it is a court system serving up civil case records. Health care systems? Huh???

The server http://www.riverside.courts.ca.gov/ [ca.gov] is just the main directory for all of the court's web presence. You did notice that there aren't any personal documents there didn't you?

The court records are served up from: http://public-access.riverside.cou [ca.gov]

Re:

[Z34107]

This line in parent AC is what caught my attention:

Microsoft sees a future in which a physician in a hospital calls up a patient records and instantly sees a dashboard of relevant information drawn from all the patient records going back many years

I thought it was hilarious - he's spinning it as Microsoft has some dastardly for FrontPage to serve up your medical records over the tubes when there are companies out there that actually earn their bread and butter doing just that.

Individuals are the only ones who care

[rbanzai]

Only YOU care if your information is made public. There is absolutely no reason for any public or private organization to give a shit, and they make that evident over and over. Until it is more cost effective for them to protect the info than to leak it they will continue to do so. And that's never going to happen.

Enter legislation

[Nerdposeur]

Until it is more cost effective for them to protect the info than to leak it they will continue to do so.

Which is why we need legislation that will fine them for releasing that information.

Another idea would be to demote the person who made the decision to post that stuff publicly to Official Identity Theft Aftermath Cleanup Technician.

Re:

[Firefalcon]

Better would be a demotion to "Public Toilet Cleanup Technician"...

Re:Enter legislation

[frosty_tsm]

Official Identity Theft Aftermath Cleanup Technician.

Better would be a demotion to "Public Toilet Cleanup Technician"...

"Official Public Toilet Aftermath Cleanup Technician"?

Re:

[Sparks23]

Why not just make a law that if someone has leaked your identifying financial information, if you become a victim of identity fraud they can be held responsible? I.e., have to fund the fixing-it-up?

Doesn't matter if you can't prove /their/ leak is where the information got out. If they leaked and your identity is stolen, they're liable. THAT would work as a deterrent, I think.

Re:

[maxume]

No one would offer financial services anymore.

Much better to make the company who issues credit to an impersonator responsible for the credit they issue rather than the person who matches the mystical, enchanted number (I don't know what else could possibly make a number secure) that was used for identity.

Re:Enter legislation

[zymurgyboy]

A leak would be one thing; these muppets INTENTIONALLY POSTED this stuff. From TFA:

But the court's IT director defended the practices, saying that documents are being posted on the Web site in accordance with California laws and that finding data such as Social Security numbers is akin to "finding a needle in a haystack."

Wow.

You know, just because something can be done, doesn't mean it is necessarily to be done. This guy may want to take a look at Maryland's case search engine [state.md.us] to see an example how someone with some sense would do it. Jeebus.

Re:

[justadave]

Muppet? Like swedish chef?

Re:

[zymurgyboy]

Bork. bork. bork. :^)

Re:

[Roxton]

It's not fair to blame the IT Director here. All the information posted online is public information. Without the site, any scumbag could go to the courthouse and access this information -- a key difference being that you would never have heard about it.

Now, I realize there's a qualitative difference between Internet accessibility and walk-in accessibility, but I do think we need to address the larger privacy concerns.

Re:

[icepick72]

The problem is when the needles in the haystack are found they are immediately made available to everybody. There's a measure of Internet sensibility that isn't being adhered to. When the medium changes, often the rules need to change too.

Re:

[Atlantis-Rising]

Court documents are publically accessible, yes. There are a handful of exceptions (they can be sealed by judicial order, although it is rare) and accessing the dead-tree versions is simply more time-consuming than accessing the online documents, but they're still there.

In many cases, it's also possible to simply call or fax the court office and ask for the information to be sent to you, so you don't even need to poke through the information yourself.

That said, I don't think it's either possible or reasonabl

Re:

[suitepotato]

Which is why we need legislation that will fine them for releasing that information.

With a government which already holds itself at immune to its own courts and its own laws as inapplicable to itself, this would be useful exactly how?

The government is impotent and powerless. WalMart can get away with contempt of court as easy as you get away with jaywalking and everyone increasingly knows it.

Welcome to breaking point.

Re:

[zymurgyboy]

Why stop there? French privacy laws provide for jail time under certain circumstances.

Identity theft is really pretty easy, in large part because everyone from the government to the local grocer can get away with playing fast and loose with whatever data of yours they have on hand. Fines won't stop that, especially if the payoff is larger than the fine anyway.

We'd be better off if we stopped locking up rinky-dink hop heads and replaced them with the aiders and abettors of identity thieves.

Re:

[jlarocco]

Which is why we need legislation that will fine them for releasing that information.

WTF? We're in bad shape when a "There should be a law..." post gets rated Insightful

Making a new law isn't going to help anything. It's against the law to kill people and smoke pot, but it happens all the time. Sure, the companies will pay some tiny fine as punishment, but that doesn't really solve the problem of "Your private info was just given to scumbags".

The only way to make companies stop losing information

Re:

[u38cg]

And what about when it is your government [bbc.co.uk] that has managed to lose it? Good luck with boycotting your tax payments...

Re:

[jlarocco]

And what about when it is your government that has managed to lose it? Good luck with boycotting your tax payments...

True, boycotting won't work for the government. But, the government employees didn't get there by accident. People voted for them, or voted for the people who hired them. Somewhere up the chain, some elected official is responsible for the people who fucked up, and they should be fired, impeached, voted out of office, or otherwise removed. If losing data means a person loses their care

Re:

[JaiWing]

THERE IS LAW: HIPAA http://aspe.hhs.gov/admnsimp/pl104191.htm#1177 [hhs.gov]
Someone need to mail them to the wall for disclosure of medical documents.

Re:

[NeutronCowboy]

I think it goes beyond that. In the case of court filings, documents used in the case become public evidence, and as such, are required to be available publicly. At least, that's my understanding.... not sure how that applies to information that would normally be covered under HIPAA or similar privacy laws.

This is just the tip of the iceberg of the information flood. As much as people hate the idea here, I think that there is a need for a federal ID piece that can be used to positively identify someone, wit

Re:

[nexuspal]

Yeah lets tie it in with DNA so nobody can forge it! Hell, lets just implant a tiny RFID at birth while we're at it... It's already bad enough people need to fingerprint to use a vehicle, or if you are arrested for any reason, a DNA sample is taken. Lets just start it at birth!

Re:

[NeutronCowboy]

Those are bad ideas, because they can't be changed. That's why I didn't use them. Do you have an idea on how to solve the problem of positive ID? How to prove you are you, when lots of people are trying to impersonate you? Or do you just like to cling onto an outdated idea of privacy that didn't even work well in the Wild West?

Re:

[nexuspal]

I believe any positive ID will be used in the future to control the population. I don't like to be controlled, categorized, and treated as a number, or a marketing demographic/classification by a government that is armed to the teeth, and has shown time and time again that they believe they are above the law. Remember the term "Papers Please" shown in so many WWII movies... ah yes, papers to control people, imagine if they had DNA or what have you... Do you think a single Jew would have made it out? A pa

Re:

[NeutronCowboy]

Two things: positive ID is already required in a number of instances. The current system is just so wide open for abuse that it's unconscionable. Furthermore, the Wild West system was completely ripe for abuse - primarily because there was no real way of knowing whether what anyone said about themselves was true.

Lastly, I'd also challenge your belief that any positive ID will be used to control (in the Orwellian sense) the population. Jews snuck out because people didn't know their race when the presented f

You used to be able to get a passport without ID

[davidwr]

I don't know how it is now but before 9/11 an adult could get a passport if they had two people testify that they knew the person well for 10 years.

The intent was so Ma The Farmer's Wife who never had a birth certificate or driver's license could get a passport even if she'd lost her family Bible and birth records in a fire and the doctor or midwife who birthed her was also dead. She could round up a few people who knew her for a long time and get a passport.

These days, with very few Americans under 50 lac

Re:

[eln]

Maybe everybody gets their own private PGP key at birth?

Sure, and then someone gets access to your private key and then you're boned for life.

Same problem with exclusive use of biometrics: If someone manages to forge your biometric signature, you're completely hosed because you can't change it.

Re:

[NeutronCowboy]

Just like changing your name, you can have a process that lets you update your PGP key. With biometric information, that's not controllable.

The point is that if someone gets a hold of your personally identifying information now, you're boned as well. Why not make the process by which that information is obtained as hard as possible?

There are plenty of services that don't need personally identifying information, but there are some that do. Encrypt information to be sent with your private PGP key, and the oth

Re:

[imamac]

That's why you combine it with a unique PIN that only you know. Just like CAC ID cards in the military.

That's why some courts redact such information

[davidwr]

In some courts, "public" information is routinely redacted. You have to get a court order or be someone special to see the originals.

This also applies to evidence in criminal cases too. If I defraud 10 people's bank accounts at ACME Bank, those account numbers may be redacted depending on the court and whether the accounts are still active. If I'm on trial for k1dd13 p0rn or stealing nuclear secrets you can bet the main evidence will be sealed from public view.

Re:

[zymurgyboy]

Just because something is public record doesn't mean it necessarily must written in block caps plastered on the nearest billboard. Some information -- even public information -- should have a gatekeeper. If it were my tax return, I think I'd want someone seeking it to have to ask the court clerk for it, and possibly, explain why.

Re:

[SatanicPuppy]

The real issue is, most public records that deal with the government are extremely difficult to obtain, requiring repeated FOIA requests, and occasional legal action. Try to get government salary figures (which are also public information) for the morons who are posting this information, and I bet you'll have to jump through hoop after hoop.

Yet when its just some private citizen's information plastered all over the place it is no big deal because it's "public information".

Re:

[TheHorse13]

A little regulation called HIPAA is supposed to handle this sort of issue. I wonder who will be doing the jail time if it's found that due diligence wasn't followed?

Oops! Our bad!

[TheRedSeven]

Bravo to California, Bastion of Democracy... It does raise a question though: How do FOIA requests match up with HIPAA regulations? FOIA generally allows you information on government happenings; HIPAA gives strict guidelines about privacy of Personal Health Information. Which takes precedence?

Re:

[eln]

Don't FOIA regulations already allow for redacting of documents to eliminate classified information prior to release?

I haven't read FOIA in its entirety or anything, but it seems to me it would allow for redacting to comply with HIPAA as well.

Re:

[countSudoku()]

I'll bet HIPAA. Of course, this leak is hardly surprising, given the probability that no one of right mind would want to work for their local government much less for the very low pay and crappy job atmosphere. Their ability to attract the best and brightest is overshadowed by the inability to pay anything close to market wages. If there's any good IT people working in local government then they're probably looking for a better job, or making real money contracting special services back to the gov. It's

Re:

[flink]

Courts are not HIPAA covered entities. Only health care providers, health care clearinghouses, and health plans are covered. Before you ask, a court doesn't count as a clearinghouse. In over simplified terms, a clearinghouse is a covered entity that processes information on the behalf of another covered entity.

Re:

[QuantumRiff]

I'm not certain, but I do believe if you disclose your personal information to the courts because of the Americans with Disabilities Act; IE, you need to have recesses every 2 hours because of a medication you need for X, that becomes HIPAA covered, doesn't it?

Re:Oops... FOIA vs HIPAA

[Prisoner's Dilemma]

FOIA has some exclusions, but it doesn't matter because HIPAA is a joke.

For example:
I used to be a full time preventer of natural select (firefighter/paramedic) working for a city government. Under the FOIA they were supposed to release out information excluding a few tidbits like SSN, medical screening, etc. However, it was only applied when it benefited the city. If a reported wanted to inspect an employee's file, if the reporter was a city friendly one, they wouldn't remove or blank out any personal info

Meanwhile....

[Otter]

Meanwhile, in Italy, the outgoing government posts everyone's income and tax data [bbc.co.uk]. Deputy Economic Minister Vincenzo Visco bizarrely explains:

This already exists all around the world, you just have to watch any American soap to see that.

SCrubing SSN's is not the answer

[geekoid]

the answer is to stop using them for credit scores and ID.

If you have nothing to hide....

[Brain-Fu]

They say that if I am a good citizen who is following the rules, then I should have nothing to hide, and shouldn't mind a high level of governmental monitoring of my private life.

Well I DO have something to hide *from criminals.*

The data that the government monitors gets stored and handled by an incompetent IT staff overseen by decision-makers who are even less competent. The level of data tracking that the government insists it is justified in doing directly harms the people being tracked, not because of

Re:

[Fozzyuw]

the answer is to stop using them for credit scores and ID.

What would replace them?

Re:

[geekoid]

Each credit company could issue their own numbers.
The removes them from the one place they are most abused.

Make it a problem for the corporations to deal with.
When one of the CSIDs(CreditScoringID) is stolen, it only causes issues with the Credit scoring. You don't need to worry about your whole life being tied to that one number.
Since you can't get a new SSN (usually) once someone has it and can tie it to you, your whole life is comprised.

You Drivers license should be your ID.

Re:

[Bryansix]

This is exactly the correct point. A SSN does tie to a single person but it shouldn't be used to authenticate that the person serving it up really is the person tied to the SSN. Real authentication needs to take place. Shoot, I'd rather have to give my fingerprint if it meant I wouldn't have my identity stolen.

Furthermore when an ID is stolen, the company that let the theif sign up for credit in someone elses name should be fined and scrutinized for further possible fraud. We need to make the companies

Re:

[CowboyCapo]

As an aside, with gelatin, latex, and a few common household chemicals, it is possible to make a 'glove' that will at least simulate someone else's prints. Sorry, one more biometric to toss into the toilet of history.

Re:

[Bryansix]

I'm sorry but when a 4 foot tall woman shows up to give my print I think they'll figure it out. I'm 6 feet tall and a guy. The point is to make it harder to be a criminal. Right now you don't even have to leave your house.

Re:

[gd2shoe]

A SSN does tie to a single person...

This is a common misconception. There are honest duplicates within the system. I'm not talking about the "undocumented worker" down the street. Duplicate SSN's are issued. You need some other information such as a name to make it a unique identifier.

There are almost 304,000,000 people in the US. If they were unique, that would mean that a third of the total possible SSNs must be used just for the current living population. Count everyone who has died since 1936

Cost/Benefit. They don't cost, and do benefit.

[Behrooz]

Unfortunately, all of the costs of identity fraud are borne by the consumer, while all of the benefits of quick/insecure identification are reaped by the lending industry.

Strong and secure methods of identification and verification need to make their way into the financial world, but changing the existing infrastructure is expensive, so it isn't going to happen. At least, not until some enterprising individual has their identity stolen and successfully manages to sue the lending industry for fraud...

For those of you who know of anyone who's a victim

[Anonymous Coward]

1. Call each credit bureau and put a freeze on your credit. The credit bureaus will say they'll contact the others but they never do. You can do it anyway even if you're not a victim of identity theft but they'll charge anywhere from $10-$20 per credit bureau.

2. You are entitled to at least ONE free credit report per year and depending on your state maybe more. Federal trade Commision's site [ftc.gov] is the ONLY truly free credit report. Those other sites are trying to sell you other stuff and they're not on the

Re:For those of you who know of anyone who's a vic

[eln]

If you're really paranoid about identity theft, then go for one of the credit monitoring services run by a credit bureau. The one I've found most useful is truecredit.com, which is run by TransUnion (which, by the way, is by far the easiest credit bureau to deal with in my opinion). It costs a little more than most others ($14.95 per month) but it allows you to update your credit report from all three bureaus as often as you want (daily if you really want to) and offers online dispute filing for all three

Re:

[Knowzy]

Absolutely- if you're looking to prevent identity theft, rather than learn about it after the fact, a security freeze (sometimes called a credit freeze) is the way to go.

Credit monitoring is expensive and does nothing to stop ID theft. Sure, if somebody does use your identity fraudulently, you'll get an e-mail about it but the damage is already done.

You're paying $180/year just to learn you've been screwed sometime after it happens!

On the other hand, security freezes locks your credit reports with a PI

TransUnion is the easiest???

[SpammersAreScum]

...TransUnion (which, by the way, is by far the easiest credit bureau to deal with in my opinion).

Good God. Please tell me you're kidding! After my experience with TU (may they end up that way), I shudder to think what the others must be like.

Easily predicted

[NaCh0]

The more you tell your life to government (and anyone really), the more it will find it's way into general knowledge. This is one of the reasons I'm against any "universal" government program. Heck, it doesn't even have to be medical records. Think back to the recent passport flap with high profile politicians. The government is not looking out for you.

Hey public record

[DarkOx]

Most court proceedings are a matter of public record unless a judge orders them sealed. I should be this way too because we have a legitimate interest in what is going on in our courts. That information is probably relevant to the decisions on the quality of the proceedings much of the time. Frankly as much as its unfortunate for the people and organizations that find themselves in the court rooms, its probably the right thing to do to publish those items.

Re:

[whoever57]

Most court proceedings are a matter of public record unless a judge orders them sealed.

Or option 3: redacted versions of the documents can be published. The redacted versions will have private information removed.

Court documents are sealed all the time. There is no reason why medical information and SSNs should not be sealed or redacted.

Government Logic - SB1386

[a-zarkon!]

I love the fact that this is a California court. California being the leader in privacy protection and breach notifications and everything with their landmark SB-1386 legislation.

HIPAA

[ohzero]

This is another perfect example of the federal government not enforcing HIPAA whatsoever. Its a great standard. Like PCI, easy to read, very prescriptive, and leaves little room for interpretation. Unfortunately, because of the way it was put into effect, it will likely never be enforced.

The only fallback that people have legally is that California privacy bill that's mentioned in section 12 of PCI.

Court Information is public record

[PhreakOfTime]

While it is unfortunate that such things as SSN's are being made public, the hard reality is that anything contained in a court record is public information.

Open access to government is a two way street, and is meant to prevent corruption and give the public a clear view what their government is doing.

On a side note, my county also publishes court records on the internet that are public information. However, it is limited to the court schedule, case#, charge, and attorney schedule.

The fact that this schedule is public information is still not a concept some people are aware of. Ive heard stories from court employees of upset people coming in and demanding that their DUI case be taken down from being publicly viewable. Unfortunately for these people, the law says otherwise.

I even have personal experience in some of the reactions people have to this publicly available information after I posted a link to the county courthouse on one of my websites. A Company called Caton Commercial [willcounty...tcourt.com] even went to far as to have their attorney draft a cease and desist letter threatening me with legal action, and demanding that I remove this linked information, and turn over my legal domains to them to stop this 'knowingly libelous' action. Although, Im not sure that they thought through how they were going to present to a judge their case that the courts own website schedule was the source of this so-called libelous information. Like every other company before that has failed to grasp the concept of the internet, all the attention this brought to the linked information was a lovely demonstration of the 'Streisand Effect'. Once again, adding more weight to the phrase 'more dollars than sense'.

Re:

[SCHecklerX]

The case itself is one thing. Private information about a person, that has nothing to do with the case itself, is quite another.

Re:

[PhreakOfTime]

I agree with you.

I also agree with the google filter that knows that its not 'google-bombing' when the hyperlinked word is actually contained in the website that is being linked to.

Violation of federal law:

[Rageon]

I can't imagine this will last long, as it's a clear violation of federal law. I work for a court, and we ALWAYS need to redact SSN from every order (unless it's just being disclosed to that specific person). It's against state law here, but also federal. From 42 U.S.C. 405(c)(2)(C)(viii):

Social security account numbers and related records that are obtained or maintained by authorized persons pursuant to any provision of law enacted on or after October 1, 1990, shall be confidential, and no authorized person shall disclose any such social security account number or related record.

So I really can't imagine the court can defend this in any way at all.

Re:

[cprael]

Right. Have you looked at federal lien filings? Tax and court both are _required_ to include the SSN/taxpayer ID # when filing this stuff. I can walk into any county records center and pull this stuff up. Since it's digitized, I can also usually search by type of filing.

And you'll note that "pursuant to any provision of law enacted on or after October 1, 1990" portion. Generally these filings are based on law going a lot further back than that.

Sorry to burst your bubble on this.

Amateurs ...

[golodh]

I'm ashamed of California's state government ... this "disclosure", while well-intentioned, is second-rate and amateurish beyond belief.

Just to see how it's done, have a look at the way the Italian Government handled things (http://news.bbc.co.uk/1/hi/world/europe/7376608.stm).

See? Now *that's* what I call disclosure. Those piddly efforts in California don't even come close.

the system needs to change

[blhack]

Lets face it, the concept of a SSN being a positive identification needs to just stop. Do I have a solution? No, but the fact that somebody can walk into a bank and open an account in my name simply by possessing My publicly available address, and a 9 digit number needs to be looked at as an absolute failure. The tin foil hat wearing crowd will object until the very end, but IMHO biometrics need to become the standard. A retina scan, is something that is not easily forged (i'm not saying its not possible

Re:

[account_deleted]

Comment removed based on user account deletion

One word -

[sm62704]

HIPPA [wikipedia.org]

Somebody's in some DEEP SHIT over that. Iinm a judge can't order that a federal law be broken unless that law has been deemed unconstitutional.

Nothing To Do With HIPAA

[Kozar_The_Malignant]

HIPAA is the Health Insurance Portability and Accountability Act of 1996. It regulates Health Insurance. It contains a Privacy Standard that regulates how Protected Health Information (PHI) may be used. A little piece of it says that your SSI# can't be used as your ID number in health insurance. There are still lots of legitimate uses for that number both in and out of health insurance.

Nothing in HIPAA has anything to do with the court system. I want court records to be public documents. I want un

Re:

[deepunderground]

IIRC, in the first few pages of HIPAA it explains that the law is all about and only about the transfer of medical information over computer networks. It's not just applicable to insurance, it also applies to information transfers between hospitals and *any* electronic transfer of patient records. I learned all this while working for a private ambulance company, where this is a big deal due to the complex billing associated with transports.

Now, if downloading patient records from a court website isn't

Re:

[Drantin]

Perhaps not with HIPAA, but how about The Privacy Act [wikipedia.org]?

Re:

[Drantin]

Never mind... court records seem to be exempted...

Why do we tolerate the civil court system?

[dloyer]

It only exists to make money for lawyers.

If you have ever been unlucky enough to be involved with a lawsuit, you know how greedy and "entitled" these "officers of the court" are.

Re:

[Vegeta99]

So what was I supposed to do about the bitch that hit my car last year, never told her insurance company, and the cops wouldn't do shit about it? Sit on my thumb and rotate? Go blow up her car?

If you are going to court in CA

[alex_guy_CA]

Take a big fat sharpie and blacked out all account and SS #'s. Really.

Public Records

[sanjacguy]

We operate with a model of a free public record for legal documents. In Texas, there was a brief move to scrub SSNs from legal documents prior to "publishing" them. Most law offices promptly informed the legislature that their law couldn't work, because you can change your name, you can pretty much change everything but your SSN.

Add to that the problem of Public Records - if you charge to access them (presumably to limit access), they're no longer public. Public Records also have all the other problems

Needle in a haystack

[exp(pi*sqrt(163))]

> finding data such as Social Security numbers is akin to "finding a needle in a haystack."

Haven't these people heard of computers? You know, those things you use to rapidly search for digital needles in digital haystacks?

Re:

[geekoid]

What I thought was:
Too bad these kind of hay stacks can be searched in seconds.

Remember kids, wikileaks=wrong, us courts = OK

[plasmacutter]

Remember kids, if you are a public interest blog, you are gagged for simply having the POTENTIAL to release this information.

It's perfectly ok though for the federal government to actually do it.

Overblown much?

[Kelz]

The court put up their public files online. Some clerks forgot to blank out or scanned in the wrong papers just a few times out of the hundreds of thousands of records, and a few social security numbers got accidently released. Why isn't this expected just as a part of human error, when companies are leaking thousands at a time due to the acts of rogue database operators looking to make a buck?

I'll bet I can find more social security numbers and bank account numbers from my apartment dumpster than is on t

Re:

[josepha48]

In a day and age where we have so much identity theft, they basically gave the thieves the identities to steal. Then the government is going to say, hey it is your problem not ours and people will spend huge amounts of money to fix this.

It is not overblown, IMHO, and the responsible people should be canned! There should be laws against this also. This includes corporations that do this. Like maybe jail time for aiding a thief!

Re:

[Kelz]

No, they said "Theres hundreds of thousands of records in there, its not easily searchable (I.E. you have to go through each and every case opening jpgs for the information) to find an a clerical error that may give you somebody's SSN (these are also public records that you can go down to a courthouse and look up as well). There are ways that are several orders of magnitude easier to get even more of the same information, including like my above post, a dumpster.

Maybe I still have more faith in humanity t

Re:

[josepha48]

an earthquake or tornado is not preventable at this day and age, but dumping ssn and other sensitive info out on the web is.

You have to much faith in humanity. Obviously you haven't seen the price of gas in the US, greenhouse issues and the lovely war that our oh so faithful president has gotten us into. But that is just MY opinion and I'm sure lots of people will disagree, and I usually call them dumb!

Sue them.

[v(*_*)vvvv]

If they cause irreparable damages or harm, they can still be held liable.

There is no two way street here. There is no reason we can't have an open government without web cams in our toilet seats. Do not be rediculous.

It doesn't take a rocket scientist to know the risks. If it were anyone else they would surely accuse them of intentional endangerment.

Why not make everything public?

[Jack Conrad]

Why do we just not make the jump and make everything public?

Our information is out there. It is getting leaked. It is being rampantly abused. Why not just make all of our information public?

Why note create nice, neat databases with comfortable user interfaces that can query all of your, currently, personal information? And apply this to *every* one and *every* organization. No clauses for 'national security'. Everyone gets to know everything about everyone whenever they want.

Works well with cameras everywhe

Look, we found something else to complain about!

[xodiak]

It's funny how everybody here gripes and moans about freedom of information and whatnot, but when something is provided you just want to complain about that.

This is an example of a government agency trying to make public information available to the public. All of the cases shown are civil cases which have been filed by persons in the court. All of the information was given to the court by the persons involved because of the the civil cases they started. The information contained within the documents is pub

Re:Look, we found something else to complain about

[Jack Conrad]

Can I whine about your whining about whining?

Re:

[xodiak]

Most certainly not. :)

Re:

[Jack Conrad]

Buuuuuuuuuuuuuuuuuuuuuuuuuuuuuuut I neeeeeeeeeeeeeeeeeeeeeeeeeed to be able to whine about your whining about whining.... pullllllllease......

HIPAA is important too...

[hejish]

I believe this is a breach of HIPAA federal regulations as well.

ANALOG Identity Theft

[RemberThe9th]

Out in the burbs of Boston, a slightly different wrinkle on "identity theft." An honest-to-God ANALOG version.

Seems a local bank (one that apparently doesn't scan in all their checks before shipping them out to a check-processing house) gathers up all the negotiable instruments (checks, mostly), puts them in a pouch and gives them to a bonded courier.

On one particular day, the courier stopped off somewhere during the not-so-swift completion of his appointed rounds. And, while s/he was out

Video re Riverside Court

[PandaTrainer]

Saw this video today regarding the Riverside Court exposing the thousands of social security numbers. Definitely looks like they have their hands full. http://www.vimeo.com/988775 [vimeo.com]