If you are a licensed driver with the Department of Motor Vehicles, chances are your private information has been sold. And your privacy and security could be at risk. Having worked on cases involving the Driver’s Privacy Protection Act (DPPA) for more than a decade, Attorney Joseph Malley says that Department of Motor Vehicles in 37 states are selling private driver information to thousands and thousands of entities. And Malley has filed cases involving about 145 million people.
Does DMV have the right to sell your private information? And more concerning: Who is paying for this information and what are they doing with it? Malley answers these questions in a three-part series with LawyersandSettlements over the coming months. He discusses how one woman’s life was at risk after DMV sold her information to an entity the Department hasn’t even heard of (business are not vetted); the class action lawsuits filed by victims of identity theft; how to proceed if you believe your privacy has been violated, and more…
To illustrate the breadth of this issue, Malley shares the following information on two states alone, which he obtained through the Freedom of Information Act:
Florida DMV made $150 million over the past two years selling information to more than 75 companies. That means 15.5 million licensed drivers may have had their privacy rights violated. Several of Malley’s cases originate in Texas and Florida. If you live in either state, your name and address and your social security number has likely been sold over and over again.
Texas DMV was selling about 30 million DMV records and updates to about 237 entities periodically. Malley determined the DMV had violated the DPPA and six federal class actions were filed naming all the entities.(After five years of litigation with the US Supreme Court denying writ, the cases were closed.)
According to Dallas CBS 11 News (February 2013) the State of Texas made $2.1 million selling licensed drivers’ information to nearly 2,500 entities last year. About 22 million vehicles are currently registered with Texas DMV.
So what?” you may be thinking. “What’s the big deal about someone knowing where I live and the kind of car I drive? But security is a very serious issue, particularly if you are a victim of domestic abuse or a minor, or in any way vulnerable.
Domestic Abuse Victims at Risk
One of Malley’s cases involves a Florida woman who purchased from DMV information on 145 million people and sold it to 1,400 companies. “Ms. Blank sold data that includes drivers’ names and addresses and the make, model, year and VIN number of their vehicle,” said Malley. “For the past three years I’ve been fighting with Blank to get this data released—she gave it to me a few months ago.” One of those 145 million people, a woman in Florida, contacted Malley. “Jane Doe (pseudonym to protect her identity) was hysterical, terrified for her safety and her family’s safety,” says Malley. “She had moved to her parents’ home in Florida after she got out of hospital: her boyfriend tried to kill her. She had received in the mail a warranty letter, which meant that anyone could find out where she lives. And she believes the boyfriend will come after her if she doesn’t drop the attempted murder charge.”
NOVA, a national victims’ abuse group with 250 locations in the US contacted Malley to discuss his “Jane Doe” case and others. They were concerned that victims were unaware the DMV in their state could sell home addresses. “I supplied NOVA with information about my DPPA work, methods to stop the access to their DMV data, and other information—such as posting pictures online-- related to my online privacy cases,” says Malley.
Minors at Risk: Did Washington DMV sell information to a Pedophile?
Malley came across a Washington “open records response” that showed access to DMV records from an entity called “American Beauty”, apparently involved with beauty pageants. This entity requested data related only to females ages 7-12. (States issue identity cards for anyone, mainly for minors and the elderly.) Malley’s investigation led him to a person using his apartment as HQ, and he had a “questionable criminal history”.
“I further found out that he was using the DMV data to send ‘announcement’ letters to minor girls, saying they had been picked to be part of a beauty pageant and all they needed to do was to send their picture in a bathing suit,” adds Malley. He informed the Washington DMV of this person and he was told that said person had been denied further access to the DMV data. But they continue to sell data!
Coming Up: Who else is buying and Why; DPPA lawsuits and how to Protect Yourself from Identity Theft, Privacy and Security Violations.