Government 2.0 conference May 6-7 in Oklahoma City
If you’re interested in the public interactions among government, technology, social networks and freedom of information, you might want to check out the Gov2.0a conference at the Cox Convention Center in downtown Oklahoma City on May 6-7.
I’ll be presenting on a panel about the media’s role in the Government 2.0 movement.
Other confirmed speakers are the state’s new chief information officer, Alex Pettit, as well as Lt. Gov. Jari Askins, Rep. Jason Murphey, R-Guthrie, and Rep. Ryan Kiesel, D-Seminole. At the local government level will be Zach Nash with the city of Oklahoma City, Matt Mueller from Guthrie and Dustin Haisler from Manor, Texas.
Check out the full list of speakers and sessions here.
Also, all conference attendees will get a free copy of the Open Government book published by O’Reilly. (It’s also available as an iPhone app here.) Co-author Laurel Ruma is one of the speakers at the conference.
The prices for passes and dinner tickets to the conference range from $49 to $99 before April 30. After that, they range from $99 to $159.
In other Gov 2.0 news, the Oklahoma House of Representatives last week passed an amendment to Senate Bill 1759, which would expand the state’s efforts to put government information online. The amendment, by Rep. Murphey, followed an earlier effort that fell short. SB 1759 now heads back to the Senate for consideration.
In an e-mail, Murphey said SB 1759 goes much further than his earlier bill. Here’s how he summarized the main points of the proposal:
1. Establish standardized social media and limited liability polices for state agencies.
2. The standardization of interfaces for the utilization of state government services through web-based access. (Such as the 311 open source standards.)
3. Require data set publication and APIs to interface with the data sets with a focus on pushing out the data which is most often requested through open records requests.
4. Establish an application process by which developers and members of the public can ask the board to require new data feeds.
Meanwhile, in Washington today, a bipartisan group of lawmakers organized the first Transparency Caucus, which will attempt to pass laws requiring certain government information to be posted online. That effort is being supported by the Sunlight Foundation, a government and technology “think tank.”
–Paul
Oklahoma lags in Census mail participation rate
The mail part of the Census for 2010 has ended, and the results aren’t pretty for Oklahoma.
The U.S. Census Bureau said today that Oklahoma’s mail participation rate came in at 66 percent, down from 69 percent in the 2000 census. You can check out a Google map of the latest participation rates at the Census’ Take 10 site. Here’s the latest map of the mail participation rates by county in Oklahoma:
Nationally, the mail participation rate this year was 72 percent, unchanged from 2000, the Census said in a news release. Oklahoma’s participation rate of 66 percent in 2010 put it in the bottom tier of states, along with Louisiana, West Virginia, New Mexico and Alaska.
Wisconsin lead all states with a mail participation rate of 81 percent. It was followed by Minnesota, Indiana, Iowa and Michigan.
The next phase of the Census is the home visits by Census enumerators. They will begin showing up this weekend:
The nation’s response helps pave the way for the next phase of the 2010 Census: the deployment of 635,000 census takers across the country who will go door to door to obtain census responses from all remaining households. The temporary census workers are in training this week and will begin obtaining census responses this weekend.
–Paul
Amazon sues North Carolina over customer data
In a case that could have repercussions here in Oklahoma, online bookseller Amazon has filed a lawsuit against North Carolina’s tax agency, accusing it of wanting personal information about Amazon’s customers in the Tar Heel state.
The Associated Press has more here.
Amazon filed the lawsuit Monday in federal court in its home state of Washington. (Read a copy of the complaint.) From the lawsuit:
The [Department of Revenue] is auditing Amazon’s compliance with state sales and use tax laws. To date, Amazon has cooperated fully with the audit, providing the DOR with voluminous information about its sales to North Carolina, including, for each transaction: the order ID number; the city, county, and zip code to which the item was shipped; the total price for the transaction; the date of the transaction; and Amazon’s standard product code for each item (known as the Amazon Standard Identification Number or ASIN). With these product codes, the DOR is able to immediately find on Amazon’s website the full description of every product purchased by Amazon’s North Carolina customers since 2003 – nearly 50 million items in all.
As the AP story notes, states are desperate for all kinds of revenue amid the recession. Lawmakers in Oklahoma are still crafting the state budget for FY 2011, but Gov. Brad Henry has recommended expanded tax collections, including those for online sales. (The Oklahoma Policy Institute has a good discussion of streamlined sales tax collections.)
In its lawsuit, Amazon is claiming that handing over the names and addresses of its customers would violate their First Amendment rights and Amazon’s own privacy policy:
There is no allegation by the DOR that any of the products Amazon customers purchased is in any way unlawful. Rather, the identities and expressive choices of these customers have become subject to government scrutiny only because those products were purchased from an out-of-state retailer. The DOR’s actions threaten to chill the exercise of customers’ expressive choices and to cause Amazon customers not to purchase certain books, music, movies or other expressive material from Amazon that they might otherwise purchase if they did not fear disclosure of those choices to the government.
–Paul
DOB bill compromise attacks spirit of Open Records Act
UPDATE: House leaders decided not to hear the bill on the floor April 22. That means SB 1753 is dead for the year, although lawmakers said they are still working on possible alternate compromise language to be inserted into another bill before the end of the Legislative session. Read Capitol Bureau reporter Michael McNutt’s story.
——————————————————————————————————————————-
A floor amendment to Senate Bill 1753 was posted late Monday night by Rep. Randy Terrill. That means a vote on what Terrill calls compromise language for the disclosure of birth dates of public employees could come by Wednesday or Thursday on the House floor. A previous version of the bill passed unopposed in the Senate in February.
The compromise by Terrill, R-Moore, makes a bad bill worse and turns the whole Oklahoma Open Records Act on its head.
In effect, the bill would now grant public employees greater privacy protections than registered voters, licensed drivers and people who buy prescription drugs in Oklahoma. All of those transactions collect, sell or reuse date of birth information in some way to verify identity.
Terrill’s amendment makes clear that it’s never been about identity theft or protecting public employees in sensitive jobs from potential stalkers and criminals. It’s about the control of information and protecting special interests like the Oklahoma Public Employees Association.
Under the amended language, for the first time ever in Oklahoma, the public would be required to tell a governmental body why it wants records.
In writing.
With an unspecified time line.
The Open Records Act currently presumes that government records are open unless they are specifically exempt. In this Terrill’s scenario, the burden of proof would now lie with the requestor, not with the public body. That is contrary to both the spirit and application of the law.
In my experience, public bodies routinely ignore parts of the Open Records Act they don’t agree with or find troublesome. This could give them another excuse.
If the changes are enacted, it would be a slippery slope for the rest of law to require a requestor to explain why he or she wants to inspect public information. That paternalistic style of “government knows best” would be a blow to transparency efforts everywhere.
–Paul
P.S. Here’s the relevant section of the proposed law that is at issue:
SECTION 1. NEW LAW A new section of law to be codified in the Oklahoma Statutes as Section 24A.7-1 of Title 51, unless there is created a duplication in numbering, reads as follows:
A. No public body shall release to any person or entity the exact date of birth for any employee of the public body.
B. For purposes of the Oklahoma Open Records Act, an employee’s date of birth shall not be subject to disclosure by the public body except for the procedures prescribed by this section for responding to requests to confirm or deny a date of birth with respect to a person identified in a request for verification.
C. A person or entity may request a verification from a public body that a birth date for a specifically identified person whom the requestor reasonably believes to be employed by the public body as of the date of the request is the same as the birth date for such employee as reflected by the employment records of the public body.
D. The requestor shall submit a written request for verification of date of birth to the public body which request shall contain:
1. The complete name of the person whom the requestor reasonably believes to be an employee of the public body as reflected in the information or document relied upon by the person or entity making the verification request;
2. The particularized and specific reason that the requestor is asking for verification of the employee date of birth for each employee included in a verification request; and
3. Any other identifying information related to the information or document in the possession of the requestor that would allow the public body to determine whether or not the person identified in the request is an employee of the public body.
E. For purposes of verification requests submitted by any person or entity and for purposes of responses to such requests by a public body, a person’s status as an employee shall be determined as of the date that the verification request is submitted to the public body.
F. The public body shall have a reasonable period of time from the receipt of a verification request within which to review the request and any document or other information identified in the request to ascertain whether the person named in the verification request is an employee of the public body.
G. If the public body determines that the person identified in the verification request is or may be an employee of the public body, the public body shall respond in writing to the person or entity making the verification request that the date of birth of the employee is the same as the date of birth provided by the requestor with respect to the person identified in the verification request.
H. If the public body determines that the person identified in the verification request is not an employee of the public body, the public body shall respond in writing to the person or entity making the verification request that the date of birth provided by the requestor with respect to the person identified in the verification request does not match the date of birth of any employee of the public body.
I. Within a reasonable period of time after a public body receives a verification request pursuant to this section and prior to the date as of which the public body provides a written response confirming a birth date of one or more of its employees, the public body shall provide written notice to any employee whose date of birth has been the subject of a verification request by a requesting entity of the identity of the requesting entity and the reason provided by the requesting entity for the verification request.
J. Prior to making the written verification to a requesting entity with respect to an employee date of birth, the public body shall notify any employee whose date of birth will be confirmed to a requesting entity that the public body will be providing a confirmation of the date of birth to a requesting entity.
SECTION 2. It being immediately necessary for the preservation of the public peace, health and safety, an emergency is hereby declared to exist, by reason whereof this act shall take effect and be in full force from and after its passage and approval.
OPEA mailer lands in mailboxes
It’s been a couple of weeks since we wrote about the Oklahoma Public Employees Association and its special mailing list deal set up by a state lawmaker last year.
This week, the second of OPEA‘s two mailings have begun arriving the mailboxes of more than 30,000 state employees. OPEA has said that the second mailing was not sent to about 10,000 existing members. The association had its mail vendor do some database matching to separate existing members from prospective members, a process that OPEA decries as “data mining” and “privacy piracy” when others do it.
Here’s the other parts of the two-page mailer:
–Paul
P.S. For more on this issue, see our special coverage page on the public records dispute.
“Privacy pirates” and the politics of fear
(d)1.a. The home addresses, telephone numbers, social security numbers, and photographs of active or former law enforcement personnel, including correctional and correctional probation officers, personnel of the Department of Children and Family Services whose duties include the investigation of abuse, neglect, exploitation, fraud, theft, or other criminal activities, personnel of the Department of Health whose duties are to support the investigation of child abuse or neglect, and personnel of the Department of Revenue or local governments whose responsibilities include revenue collection and enforcement or child support enforcement; the home addresses, telephone numbers, social security numbers, photographs, and places of employment of the spouses and children of such personnel; and the names and locations of schools and day care facilities attended by the children of such personnel are exempt from s. 119.07(1).
This is how the state of Florida deals with law enforcement and open records for state personnel. Anyone want to guess what’s missing? Any reference whatsoever to dates of birth.
But the Kabuki theater continues down at the Oklahoma Capitol. For the second time in two weeks, the lawmakers on Senate Bill 1753 held a news conference on whether the birth dates of public employees should be exempt from the Open Records Act.
Last week, it was to announce their support for a lawsuit by various public employee groups against a pending open records request by The Oklahoman.* This week, it was law enforcement’s turn. See our story here; the AP version is here.
Backers of SB 1753 have cycled through several arguments for closing off the birth dates of public employees: fear of identity theft; fear of “unwarranted invasion of privacy”; and now fear of harm to law enforcement. (Read the press release here.)
At Tuesday’s press conference, Rep. Randy Terrill picked up a talking point first advanced last week by his friends at the Oklahoma Public Employees Association: that reporters for The Oklahoman were “privacy pirates” who have no regard for state employees.
“This is not a case where there has been an allegation of corruption or impropriety involving a specific employee or group,” said Terrill, R-Moore. “This is just a fishing expedition based on the presupposition that every state employee is a criminal, crook, thief or wrongdoer just waiting to be discovered by the data miners and privacy pirates on a newspaper’s payroll.”
Terrill is a skilled legislator. Capitol observers will tell you he is one of the most well-prepared lawmakers under the dome, but he finds himself in a tough spot: caught between the media, OPEA and law enforcement.
On one side, Terrill wants credit for filing a bill, HB 3382, to open up DPS dash cam footage. On the other side, he has accused The Oklahoman of manufacturing stories and practicing advocacy journalism.** Of course, one person’s “manufacturing” is another person’s investigation:
Special mailing list deal for Oklahoma Public Employees Association
Oklahoma lawmaker Randy Terrill to return 2010 campaign money
Oklahoma brings in millions by selling personal data
All of the law enforcement agencies appearing at this week’s press conference have their funding controlled at least in part by Terrill’s chairmanship of the House appropriations and budget subcommittee for public safety and judiciary. Negotiations on the budget for FY 2011 are ongoing.
In fact, Commissioner of Public Safety Kevin Ward and Oklahoma State Bureau of Investigation Director DeWade Langley rarely make themselves available to the media. But they were front and center at Tuesday’s press conference.
Later that same day, OSBI held a separate press conference about its homicide clearance rate, but Langley was a no show. Instead, he let OSBI spokeswoman Jessica Brown deal with the questions that have been raised about OSBI’s handling of recent murder investigations. Here’s how the AP put it:
OSBI Director A. DeWade Langley has not responded publicly to criticism of the agency. “That’s why he hired me,” Brown said. “He does his things and I do mine.”
Back to the DOB issue. Can you make an argument that there should be a balance between the public’s right to know and the privacy rights of public employees? Yes. Such a balance exists in the Open Records Act: the Social Security numbers, home addresses and home telephone numbers are already off limits.
In effect, under current law, all public employees in Oklahoma enjoy the same protections as law enforcement personnel in Florida.
Let me repeat that: All public employees in Oklahoma enjoy the same protections as law enforcement personnel in Florida.
It’s a fact of life that we leave a paper trail in most of our public and private transactions. I wonder if any of the dozen law enforcement agencies represented at Tuesday’s Capitol press conference have personnel policies that limit their employees having telephone numbers in the phone book, buying property, registering to vote or holding driver’s licenses?
The privacy rights of public employees, including those who work in law enforcement, are already fewer than those in the private sector. The names, agency and salary of state employees are readily available on the state’s Open Books site. Under a 2003 law, state employees can be fired for not paying their state income taxes, something that usually won’t get you fired in the private sector. Furthermore, every employee’s employment application is an open record.
Terrill, who has used “personal information” from voter registrations for his political campaigns, has said in interviews those records are different because you voluntarily register to vote. But don’t you also voluntarily become a state employee? There is no indentured servitude in state government.
What we’re talking about here is the difference between public information and confidential/private information. A recent Government Accountability Office report details the differences:
● Public records such as birth and death records, property records, motor vehicle and voter registrations, criminal records, and civil case files.
● Publicly available information not found in public records but nevertheless publicly available through other sources, such as telephone directories, business directories, classified ads or magazines, Internet sites, and other sources accessible by the general public.
● Nonpublic information derived from proprietary or nonpublic sources, such as credit header data, product warranty registrations, and other application information provided to private businesses directly by consumers.
Other states have developed detailed policies regarding the use and reuse of those types of information. In fact, one of the best policies I’ve seen is from neighboring Arkansas. They have a “data matrix” that spells out how governments should deal with personal data. Here’s some examples of what Arkansas deems “very sensitive”:
Social Security numbers
Most home addresses
Attorneys’ files
Comprehensive law enforcement data
Domestic abuse data
Educational records
Foster care data
Health and medical data
Library borrower’s records
Signature imaging data
Welfare records/data
Credit card numbers
Competitive bids
Civil investigative data
Criminal history data
Economic development assistance data
Food assistance programs data
Head Start data
Juvenile delinquent data
Counselors’ data
Trade secrets data
Since the state just hired its first ever chief information officer, maybe one of his tasks could be developing a similar data sensitivity policy here in Oklahoma.
–Paul
(*Full disclosure: I have signed an affidavit in the pending court case in Oklahoma County.)
(**This blog, which began two years ago, occasionally advocates for open records, open government and open data.)
Oklahoma brings in millions by selling personal data
From Sunday’s paper:
————————————————
BY JOHN ESTUS, PAUL MONIES – THE OKLAHOMAN and GAVIN OFF – Tulsa World
2010 Copyright © The Oklahoman
The state of Oklahoma makes tens of millions of dollars selling personal information about people that some lawmakers and labor organizations want kept secret for government employees, The Oklahoman and the Tulsa World have learned.
At least $65 million has been made in the past five years from the sale of millions of motor vehicle records that include birth dates and other personal information of all state drivers, Department of Public Safety records show.
A private company has collected about $15 million conducting most of those transactions on behalf of the state, records show.
As a result, birth dates and other personal information flow freely on a daily basis to insurance companies, employment screening services, government agencies, attorneys, individuals and more.
While the state earns money selling records that include birth dates, lawmakers and some labor groups are working to shut off access to birth dates of public employees to the public, The Oklahoman and others working on the public’s behalf. Senate Bill 1753, by Sen. Debbe Leftwich, D-Oklahoma City, and Rep. Randy Terrill, R-Moore, would exempt government worker birth dates from the state’s Open Records Act.
Leftwich, Terrill and supporters of the bill claim releasing birth dates could endanger the safety of employees and lead to identity theft. They have provided no evidence of such harm being done in the past as a result of birth dates being public.
Leftwich and Terrill did not return calls Friday seeking comment on the state selling motor vehicle records that include birth dates.
One privacy expert said keeping birth dates secret won’t help protect workers’ identities or safety because the information is already available elsewhere.
“What I would tell them is, ‘Stop trying to shut the barn door after the horses are gone,’” said Richard J.H. Varn, chief information officer for the city of San Antonio and executive director of Coalition for Sensible Public Records Access. “It’s a lack of understanding by policy makers to what an effective countermeasure is to identity theft.”
Birth dates of public employees are presumed open records in Oklahoma under a recent attorney general opinion. They make it possible for the public to accurately identify government workers whose salaries they pay with tax dollars. Birth dates are found in numerous public documents, making them crucial components of background checks because they allow the public to differentiate between people with common names.
Government agencies have for years provided their employees’ birth dates in response to open records requests.
Records easy to get
Among the most widely distributed records that include birth dates are the motor vehicle records the Oklahoma Department of Public Safety maintains for all licensed drivers.
Motor vehicle records include driver names, birth dates, driver’s license numbers and recent driving histories. Some of that information is not available under the state Open Records Act.
Motor vehicle records can be bought online or in person. The state gets $10 per record, and most of the money goes into the state’s general fund, said Wellon Poe, chief legal counsel for the Department of Public Safety.
Top clients are clearing houses that sell the information to insurance companies and corporations, Poe said.
In order to get motor vehicle records, requesters must sign agreements saying they are authorized to receive the information under the federal Driver’s Privacy Protection Act. The act contains more than a dozen possible scenarios that allow numerous public and private organizations and individuals to obtain the records.
The requester must also provide the name and another unique identifier — such as an address or driver’s license number — of the person whose record they are requesting, Poe said.
Poe said it’s tough to prove whether those who sign the agreements meet the requirements to begin with.
“We don’t go out and run a big background check on somebody that walks in and tries to get an MVR,” Poe said.
State tag agents also sell motor vehicle records. Money made from those sales flows through the state Tax Commission and wasn’t included in the revenue records provided by the Department of Public Safety, Poe said.
Sales lucrative
Most of the records are bought online for $12.50 each, with $10 going to the state and a $2.50 processing fee going to the company that operates the state’s Web site.
NIC Inc., the operator of www.ok.gov , has made an estimated $15 million off those fees in the past five years, according to an analysis of Department of Public Safety revenue records.
The Kansas-based company has contracts to run government Web sites in 22 other states. The Office of State Finance in December renewed the state’s contract with Oklahoma Interactive LLC, an NIC subsidiary that the state has contracted with for Web services since 2001.
Of the $132.9 million in revenue NIC reported in 2009, nearly half came from selling motor vehicle records and driver’s license data from the states it serves, according to a Securities and Exchange Commission filing.
In marketing materials and news releases, NIC emphasizes that its services are offered at no cost to states, an important selling point because of budget shortfalls. The revenue from motor vehicle records sales has allowed the company to provide more than 280 services online for state government in Oklahoma.
Chris Neff, vice president of marketing for NIC, said companies such as ChoicePoint/LexisNexis, Insurance Information Exchange, American Driving Records and Acxiom Information Security Services regularly buy motor vehicle records from Oklahoma.
“The biggest single reason why they’re pulling it is because they use the driver history information to set rates for your annual renewal for your vehicle policy,” Neff said.
Neff said those companies also package the same information with other sources such as credit reports, property records and criminal histories. Those companies often use birth dates as secondary identifiers to distinguish people with common names from one another, he said.
“All those data points may be used, but there are restrictions as part of the Driver’s Privacy Protection Act in how that information may be used and how often it may be used,” Neff said. “The risks of having outdated data impacts whether somebody is extended credit or what rates they pay for certain services. It’s incumbent on having accurate, regularly refreshed information.”
Schools sell information, too
Elsewhere, birth date information is available to third parties from public schools, colleges and universities. A federal law, the Family Educational Rights and Privacy Act, governs the release of student directory information. That information is also available under the Oklahoma Open Records Act.
The directory information includes a student’s name, birth date, telephone number and address, along with other records. Schools must allow students to opt out of the disclosure, though local school officials said students rarely do.
Since 2000, Oklahoma State University has provided or sold student directory information 242 times, records show. In at least 19 cases, the data included birth dates.
“It could have been a lot more,” OSU spokesman Gary Shutt said.
OSU has sold student birth dates to a party store, a church and the university’s faculty council, for example. It also has provided student birth dates to the military for free.
Shutt said the university recently began providing year of birth instead of date of birth for standard directory information requests. OSU made the switch because some students use birth dates as passwords for various accounts. However, Shutt said OSU would likely provide birth dates upon request and no one has complained about the university providing the information.
The University of Oklahoma also provides student directory information to entities that request it, but it has not provided birth dates since at least 2008, said Rachel McCombs, OU’s open records officer.
An open records request by the Tulsa World for a list of recipients of OU student directory information is pending.
Privacy safeguards
Concealing birth dates in public records is not an effective measure to fight identity theft because birth dates are available in so many other places, said Varn, the privacy expert from San Antonio.
“It’s like saying because terrorists use airplanes we’re going to quit flying,” Varn said. “No. There are worthy countermeasures.”
Birth dates can be found in voter registration records, driver’s licenses, lawsuits and even registration forms for some Web sites.
“If you want to buy someone’s full identity, you can buy it for 30 cents to $60 on the black market,” said Varn, who served for 12 years in the Iowa General Assembly.
Sponsors of the Coalition for Sensible Public Records Access, which Varn represents, include some of the largest data resellers in the country.
Varn said governments should encourage people to monitor their credit reports, protect their personal computers with security software and ask online businesses to require a password with transactions that use credit cards.
But they shouldn’t block access to public data, he said.
“They sell it for good reason,” Varn said. “People actually need it to do good things in the world.”
For example, employers use birth dates to help run background checks on job applicants. Journalists use birth dates to help find everything from sex offenders who drive school buses to felons who have gun permits.
“Clearly, we’ve had examples of public employees being hired and faulty background checks being done,” said Joey Senat, an open records expert and associate journalism professor at Oklahoma State University. “It’s unfortunate, but we need to know with whom we deal with in life, and this is a way to do it.”
