Sen. Wyden to chief justice: Americans’ sensitive data exposed by courts
Senator Ron Wyden (D, Ore.) is raising the alarm about federal courts ignoring Congressionally mandated privacy rules and leaving sensitive information exposed in records posted online, putting people at risk of fraud and identity theft.
“These rules are not being followed, the courts are not enforcing them, and as a result, each year tens of thousands of Americans are exposed to needless privacy violations,” Wyden wrote in a Thursday letter, first reported by CyberScoop, urging Supreme Court Chief Justice John Roberts to take action.
The E-Government Act of 2002 laid the framework for putting federal court records online — as well as tasked the Supreme Court with managing privacy and security rules around those records. That law also required the judiciary to submit reports on the adequacy of those rules to Congress every two years after they went into effect.
However, only three such reports have actually been created, according to Wyden: one in 2009, another in 2011, and the latest in June of this year — five months after his office asked for past reports.
According to Wyden’s office, the Federal Judicial Center found in a 2015 review that more than 5,000 records from a single month in 2013 – out of 3.9 million records – included at least one social security number. The rules require such “personal identifiers” to be redacted.
“If these statistics are representative of the problem, it would mean that the courts have made available to the public roughly half a million documents containing personal data since 2015,” Wyden wrote.
The report also showed that committees within the Judicial Conference, the federal courts’ policymaking arm tasked with reviewing the rules, failed to take action when faced with evidence of privacy problems with filings, according to Wyden.
“Federal courts must obey the law and protect the personal data entrusted to them,” he wrote. “If federal courts cannot address this issue, quickly, Congress will be forced to act.”
Andrea Peterson
(they/them) is a longtime cybersecurity journalist who cut their teeth covering technology policy at ThinkProgress (RIP) and The Washington Post before doing deep-dive public records investigations at the Project on Government Oversight and American Oversight.