Judge lets privacy advocate keep Social Security numbers on Web site
Virginia can't prevent dissemination of personal data readily available from its own Web sites
Computerworld - Can a state government prohibit an individual from posting Social Security numbers online that were easily and legally obtained from government Web sites?
The answer, a federal judge in Virginia ruled last week, is a definite 'No,' at least for Betty "BJ" Ostergren, a privacy advocate who operates a Web site that posts Social Security numbers obtained from public records. Ostergren's postings are part of a campaign to show how easy it is to access very personal information on the Web.
In a memorandum issued last Friday (download PDF), Judge Robert Payne of the U.S. District Court for the Eastern District of Virginia ruled that it would be unconstitutional for the state of Virginia to force Ostergren to remove from her site Social Security numbers that she legally obtained from public records. A memorandum opinion does not create a legal precedent.
The Virginia chapter of the American Civil Liberties Union (ACLU) in June filed a lawsuit on behalf of Ostergren in Virginia's Hanover County. The lawsuit challenged the constitutionality of an amendment to Virginia's Personal Information Act, which forbids the dissemination of any records that contain Social Security numbers, no matter how the records were obtained. Violators are subject to fines of up to $2,500 plus $1,000 in court costs for each Social Security number posted.
Ostergen, who has been working for several years to force Virginia county governments to redact Social Security numbers and other personal data from records posted online, contended in the suit that the law was passed specifically to curtail her campaign.
Ostergren's Web site, The Virginia Watchdog.com, highlights privacy problems that can result from the posting of unredacted public documents such as land and tax-lien records posted on government Web sites. In recent years, she has chronicled dozens of cases in which local governments have inadvertently exposed Social Security numbers and other personal data on their Web sites, making them attractive targets for identity thieves.
As part of a campaign to draw attention to the issue, Ostergren routinely posts the Social Security numbers of high-profile individuals that she claims to have easily obtained from county and state government Web sites. The list includes former Florida Gov. Jeb Bush, former U.S. Secretary of State Colin Powell, former U.S. House Majority Leader Tom DeLay, former Missouri Sen. Jean Carnahan and several county clerks in Virginia.
Ostergren contended that the amendment to the state's Personal Information Act would have forced her to stop posting the personal information, while doing nothing to stop county governments from posting the same data.
She claimed that applying the amended statute to her Web site violated her First Amendment right to free speech.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Alert Logic for PCI DSS Compliance To achieve PCI DSS compliance, you must identify and remediate all critical vulnerabilities detected during PCI scans. Threat Manager streamlines this process by...
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts