Friday, November 14, 2008

Watching the Watchers

Via Instapundit and Ace: "Six agencies illegally scoured Joe the Plumber's records for dirt, including office of the attorney general, so that information could be turned over to national media." Ace goes on:
Check out this spin: The claim is they wanted to ensure the media wasn't misreporting information about [Joe the Plumber's] infamous thousand-dollar tax lien ...

They were protecting Joe from the media, you see. By passing them the fruits of illegal private-records searches.
Governments are not the only bureaucracies that can violate one's privacy. Last month twenty hospital workers were fired for HIPAA violations stemming from their snooping in the medical records of the Jacksonville Jaguars' offensive tackle Richard Collier. California has also fired a few people for HIPAA violations. The Mercury News reports:
Billingsley said UCLA hospital workers inappropriately accessed records of 1,041 patients since 2003. The hospital later disciplined 165 employees through firings, suspensions and warnings.

One former administrative employee, Lawanda Jackson, faces federal charges for allegedly selling information from Fawcett's medical records to a tabloid.
In corporate America, violations of privacy also result in firings. A couple years ago, AOL's CTO resigned and two employees were fired for privacy violations. In North Carolina a fired employee of a small business plead guilty to "intruding on her former company's e-mails and using the information fraudulently." If she released the information to the media for the betterment of society maybe she could have asked the judge for leniency at trial.

Violating the privacy of a politician can land you in jail—Palin's email hacker David Kernell looks forward to a court date in 2009. It can also precipitate a constitutional crisis when the tax payer funded Justice Department wants to investigate the tax payer funded office of a tax payer salaried Congressman, William Jefferson (D-LA), for evidence of malfeasance with tax payer money.

Here's my recommendation: whenever someone accesses my private data, send me an email or text message. Ideally, the email should include:
  1. date and time my information was accessed
  2. reason for the access
  3. name of the person who accessed my data
  4. contact information for follow-up
I think #3 will draw the most criticism. Perhaps an employee number would be more acceptable. Still... I can't help but think: When you're working on my dime—when you're drawing a salary from my tax dollars—you do not have the presumption of privacy at work. When government employees assume that they do have privacy at work, it leads to the abuse of power that Instapundit and Ace reported on. If government employees know that citizens will be notified of every access, then those employees will be more accountable to the people paying their salaries.

No comments: