jump to navigation

No Public Privacy September 2, 2009

Posted by Chuck Musciano in Random Musings.
Tags: , ,
6 comments

My town is fairly techno-savvy.  They run a great web site with up-to-date information on just about anything you can imagine.  They also provide real-time email notification of town issues.  Any time there is an emergency road closing, or an impending storm, you get a nice email letting you know.  You also get all the official town press releases, as they are, um, released to the press.

I always thought this was pretty cool, until last week.  That’s when I got an email from the town informing me that the address lists used to drive the email system are considered a public record and are therefore obtainable under the Freedom Of Information Act.  The town wanted me to know that someone had just obtained a copy from the town, and that I should be on the lookout for potential spam as a result.

Isn’t that great?  Spammers need not scrounge addresses on their own, or pay for them from dubious sources.  Instead, they can get them, for free, from every municipal entity in the country that provides information via email.  Somehow, I don’t think this is what was envisioned when the FOIA was passed.

Now citizens have a choice: continue to receive timely (and potentially life-saving) information from your town, or be subject to even more spam from those who get the lists from your town.  Of course, this punishes the most forward-thinking towns who have taken the time to implement these fancy services.  Backwards towns, still distributing information via criers, are not putting their citizens at risk.

I know that I should be running appropriate spam filters (I do) and not open suspicious messages from destitute ex-royalty in Nigeria (I don’t), but not everyone is as techno-hip as I am.  Even worse, you know the spammers will be sending fake messages that look like missives from my town, just to further confuse the recipients.  I know that is somehow illegal, but I’m guessing that most spammers are not following some sort of Spammers Ethical Code to prevent this kind of stuff.

Lots of people fret that private data being held by third parties may someday be retrievable via subpoena, and much is made of how responsible Google and other large firms will be when trying to protect our data.  But I don’t know that many people have worried about what our local town government will do when asked for our data.  Now we know: they turn it over to comply with the law.

I have to believe that certain town-held data (like utility billing data) is confidential.  Or is it?  Could I send a letter to any town in the United States and get their complete billing database, under FOIA?  Forget email.  That kind of data would be a goldmine for all sorts of data mining and marketing insight.

I don’t know where this is headed, but I am not happy about where it is so far.  We need to rethink how data is held by public agencies, and how it can be withheld except under certain very well-defined circumstances.

[tweetmeme source=”EffectiveCIO” alias=”http://bit.ly/cio099″ only_single=false]