Friday, September 11, 2009

Fending off attacks on open government

I wanted to mention a couple of notable open government cases that merit readers attention.

First, updating the case discussed in this post, the 5th Circuit ruled that two city councilmembers who'd challenged Texas' open meetings act no longer had standing to do so because they're not in office anymore. They never reached the question of whether the Open Meetings Act violates the First Amendment rights of city councilmembers, but requiring elected officials to discuss public business in public is an utterly reasonable restriction IMO. Nobody's reducing the right of individual speech; instead the law limits deliberation between a quorum on the council on public business to open, posted meetings.

Also, I'm pulling for Dallas News and the Attorney General against the Comptroller in a suit headed to the Texas Supreme Court over whether the state must release employee birthdates under the Public Information Act. There's no real way to use that information for identity theft, which is what the Comptroller claims, and there's a huge need for public interest investigators to keep that information open.

As a long-time open records user, I've got a personal dog in this fight because, as the Dallas News argued to the court, there's no other way to identify an individual if you don't have their DOB. Is the employee John Smith who you suspect of graft the same John Smith identified in real estate records who added a large wing to his home? Without the DOB or other identifying information, it's literally impossible to tell. Now, your social security number, driver license number - those things CAN be used for identity theft. But your DOB is on your voter registration information at the county, and voter rolls have never been a source of identity theft that I'm aware of.

I'm pleased to see Justice Dale Wainright expressing skepticism at the Comptroller's arguments, and also glad the Attorney General is aggressively advocating for open government in both these cases. The open government lobby in this state has weakened in recent years as newspapers lose reporters and revenue, so it's more important than ever that public officials stand up to protect openness and ensure accountability.

22 comments:

  1. I agree Grits, government should remain open. It seems some judges in Bexar County have forgotten the Open Government Rules. County Court Judges recently met in an unannounced meeting AND voted by secret ballot concerning Chief Probation Officer Fitzgerald. This does not give the public any participation in the process.

    ReplyDelete
  2. The thought that anything occurring that deals with Governmental business NOT being open is ludicrous. The elected officials are themselves elected to observe and carry out the WILL OF THE PEOPLE. There is no first amendment right when you speak about official business that you were elected to accomplish!

    they are still citizens of their respective cities, counties, states ELECTED to perform a PUBLIC duty for the people of their area.

    ReplyDelete
  3. They say 87% of the people in the United States can be uniqely identified by the combination of 5 digit zip code, gender, and date of birth.

    http://privacy.cs.cmu.edu/people/sweeney/kanonymity.pdf

    ReplyDelete
  4. It looks like my URL got mangled so lets try it like this:
    Source

    ReplyDelete
  5. Karo, I can't tell whether you're agreeing or disagreeing with the stance in the post, but that's exactly my point. Without that information, they can't be identified. The document you link to doesn't say it's possible to STEAL their identity with that info, just that it's possible to distinguish them from others with the same name, address, etc.

    Which is the Dallas News' point - the inability to do that would irreparably cripple investigative journalism and make background checks more difficult, among other negative unintended consequences.

    ReplyDelete
  6. The DOB case in nonsense. Do an open records request on voter registration from the SoS. You'll end up with DOB on everyone that votes. Though that's probably a problem needing to be corrected rather than something to point to.

    ReplyDelete
  7. ChrisH, or anyone, can you articulate why having DOBs public on voter registration rolls is a "problem to be corrected"? What, exactly, is the problem it causes?

    ReplyDelete
  8. The SoS barely has a compelling interest in requesting DOBs. It has zero public interest in releasing that information (especially when it's not even requested). The government is not some entity charged with the responsibility of being a warehouse of information on the citizens. It is an entity charged with the protection of life, liberty, property and ensuring justice reigns.

    It is MY identity, not the government's. The government demanding that I acquiesce to the release of that part of MY identity in order for me to exercise suffrage is an affront to liberty.

    Once the government can establish that I am qualified to vote, it has no need for my DOB and therefore no compelling interest in storing it.

    ReplyDelete
  9. This article Link is more concise and clearer on the issues of the trade-offs of useful data vs. private data.

    Privacy has always been a balancing act. It is even more so today when large numbers of databases can be mined rapidly to get missing pieces of your identity.

    ReplyDelete
  10. I think I'm with @Karo and @JWT on thinking personal privacy is the real issue here, not classic financial "identity theft" (which is really just the banks' choice to use a single, unchanging lifetime password (SSN) for each user in order to maximize the ease of getting credit, even though it's about as insecure an authentication system as you could draw up if you tried).

    ZIP and DOB are things that websites (including newspapers, naturally) ask to optimize their advertising or in the guise of complying with things like COPPA.

    A nice, searchable database matching names and DOBs goes a long way to matching internet profiles -- or other sorts of obfuscated data, like certain statistically reported public medical records -- with real human beings.

    I take your point to be, "It's great if investigative reporters can use it." That's true enough, but that's only part of the equation. Whatever investigative reporters can request under open records laws is 100% equally available to direct marketers, prospective employers, and (yes) those with more malicious intent. The open records law, as you know, doesn't permit the government to even ask you what your purpose is for the information.

    ReplyDelete
  11. No one has yet given a compelling way this data can be misused.

    ChrisH, it's your data but others have a right, e.g., to monitor for voting fraud and that's why the DOB's are public in the county voting records (which is where the SOS gets it). Partisan elected officials run voting systems and if they couldn't be monitored, nobody'd trust them.

    Also, this information is sold by the state for every Texas driver to a variety of database companies. Should only they get the information and not the average citizen or reporter?

    I disagree the Dallas News wants state employees' DOBs for marketing - that's just not what this issue is about. People give them that information voluntarily already to use their services.

    And Don, my point is, investigative journalism dies, almost immediately, if you remove these longstanding tools. None of this is about the Internet, all these records were available long before that.

    Finally, people planning to use information for nefarious purposes seldom use open records - it creates a paper trail a mile wide.

    There's a a LOT more public interest in this data being open than in closing it.

    ReplyDelete
  12. Grits, I agree that certain data has to be included in these databases to be useful. What is required is an entirely different approach to protecting identities than "anonymizing" or other security through obscurity techniques.

    The number of people using openly available data, which includes open records, is higher than you might think. Just scan through the back issues of risks digest to get some idea of what is frequently being done. The compromise of Governor Palin's Email used her birthday and other simply searched for information to reset her Yahoo account password.

    We are to the point where the fundamental ways we try to protect identity and personal information need to be redone. The old ways of addressing privacy and personally identifiable data won't work in the todays world of lots of data and processing power available to just about anyone that wants it.

    Don't know the answer but we need to address the question.

    ReplyDelete
  13. Grits,

    I can only speak for Tarrant County's practices as it's the only individual county's records that I have sought. Tarrant County only makes the year public, not the date. While I'm sure Tarrant County stores the date, they only provide the year. SoS publishes the date. But even still, it's not necessary to monitor for voting fraud. The registration card is valid when a registrar verifies that the person is of voting age, there is no reason to record the date. One can make an argument for the year so as to be differentiating between two individuals in a household with the same name. But even then it's not necessary as they can be identified uniquely by their name suffix.

    ReplyDelete
  14. JWT, Sarah Palin's failure to use a strong password on her Yahoo account needn't justify changing definitions of privacy. She's a public figure, after all and different rules apply to her anyway. I actually think the current privacy exceptions in the Texas Public Information Act basically strike the right balance.

    Also, IMO this isn't about the web - that hasn't really changed the issue that much. People were complaining about the same stuff, I know firsthand, regarding public records before the mid-'90s. There are a handful of investigative techniques, many of them centered at the county courthouse but increasingly in pay-per databases, that have constituted the backbone of investigative reporting work in America since the 1920s. People who are investigated often don't like it and complain about their privacy. But on balance, losing the ability to accurately identify individuals in public records would be a public interest nightmare. The wolves would take over the henhouse, and who would ever know?

    I was a professional oppo researcher for a dozen years, and I can tell you a LOT of bad, in some cases flat-out corrupt candidates would skate if personally identifying information were removed from public records. If you think corruption is bad now ...

    Chris, first, I don't think you're correct about Tarrant County. The full DOB is a available as a public record. They may not list it on the printed rolls in the courthouse, but if you ask for the info they must give it. Certainly all the political list brokers get that information when they purchase it electronically.

    Second, the folks in the GOP complaining about voter ID would probably disagree that it's not needed for voter fraud. DOB may be necessary to followup after the fact checking things like immigration status or whether someone is ineligible to vote bc they're on probation or parole. You simply can't uniquely identify the individual without that info or some other more specific designator than surname.

    And again, it's just your DOB. It's already in a million private databases and nobody yet has named one harmful thing that can happen from releasing it in this fashion.

    ReplyDelete
  15. Grits, read again. They didn't even need Palin's password. They reset it because of the public availability of answers to her secret questions. They reset her password, they didn't guess it. They took advantage of the weakness of the lost password process on Yahoo!. They used a very simple attack that is not new, and has been used in the past by identity thieves, shady investigators, stalkers, etc..

    You can't hide more information to protect identity. There is very little information that can't be found, especially for those in the public eye.

    The whole concept of personally identifiable information is broken. I agree with you that the birthday on the voter roles will make absolutely no difference in protecting a voters identity. As you pointed out, misuse of information including identity theft occurred before computers and the internet.

    My point is that the way we approach identity and databases doesn't work and hasn't for years. Removing birthdates from voter registration databases amounts to security theater, not real protection. Anonymizing PII makes people feel good and little else.

    ReplyDelete
  16. JWT, Palin is a public figure who was the focus of an international media frenzy. Releasing your DOB or mine won't reveal the name of our first pet, etc.. It's just not an apt comparson and it doesn't threaten the average person.

    We agree this is security theater. The debate over privacy shouldn't rest around DOB in public records; the real threats are much more profound than that.

    ReplyDelete
  17. And I would disagree with the folks in the GOP that voter ID would have any impact whatsoever on voter fraud. Voter fraud has 1% to do with people lying about who they are and 99% to do with making sure the only ballots that make it into a ballot box come from people who don't have unique access to the voter equipment and that ballots are counted correctly.

    I cannot speak to what specific requests for complete date of birth information would garner at Tarrant Co elections, but a simple request for voter history will only get you a year of birth. A simple request for voter history from SoS will result in a complete DOB being released.

    The end of the discussion comes back to the simple fact that my date of birth or any other information about me is MINE. It is not yours. For anyone to release MY information without my consent is a violation of privacy and likely a violation of contract as well.

    For the government to demand that information under the color of law and not NEED it for lawful purpose in which the state has a specific interest is a violation of privacy; an unlawful search.

    ReplyDelete
  18. Chris, the data is not yours, it's just about you.

    You can say it's your data but that's a fallacy. If I see you on the street and write a description - 5 foot 10, brown hair, etc. - that's both personal information and public data. It's information ABOUT you, but it's not yours in a propety rights sense. You don't own that data. Now, JWT may want to move in that direction, but that's not how the law historically views information.

    Lots of people need to know the date of your birth, if nothing else for hospital billing purposes at the time. Births affect more than the person born, which is why you must register birth certificates with the state.

    There are many compelling reasons for making the data public and you still have identified no compelling harm.

    ReplyDelete
  19. Grits, I seem to not be making my point very well. "Information wants to be free" pretty well sums it up. Put another way, you can have information that is private or useful, but not both.

    Up until the invention of the printing press, there were almost no laws governing information. Copyrights and trademarks came about to protect the budding publishing business. Even there, fair use is a major exception.

    Chris' claim to ownership of his personal information does ignore current case law and court decisions. Look at the laws governing photographs. Anyone can take a photograph of just about anything they can lawfully see. With rare exceptions the restrictions are on the use. The same applies to most personal information.

    ReplyDelete
  20. JWT, I said that because you suggested reforming privacy regs but didn't say how you'd like to see then changed. Sorry if I misrepresented your position.

    I just don't want to see abstract, nebulous fear about privacy blow up investigative reporting techniques that date back to Lincoln Steffens, which is what this so-called defense of "personal information" by impractical, would-be privacy advocates threatens to do.

    ReplyDelete
  21. Since when is hospital billing information public information?

    You can take a picture of me all you want (it's rather scary that grits gave a rather exact description of me j/k) when I put myself out in public. If I don't put information about myself out in public, you have no right to it. When I do, that's a different story entirely.

    The government is not a clearinghouse of information about the people. It should not demand information except that which is required to complete the security of inalienable rights. Violating privacy rights is directly contrary to the purpose of government. It is a perversion.

    ReplyDelete
  22. "Since when is hospital billing information public information?"

    That is public, Your condition adn if you are a patient isn't. as per HIPPA. However your name, address, phonenumber, license number, Voter's registration, family composition, ethnic background, shoe size, email addresses, etc, ARE public information. The Privacy Act of 1974 pretty much sums up the things that ARE private, and those aren't many.

    ReplyDelete