THE CHESAPEAKE TODAY
Leonardtown, Md. (This is the full story which appeared in the June 2014, edition of The Chesapeake Today)— As a result of a public information request for salary and overtime data for employees of the St. Mary’s County Md. Sheriff’s Department, the Finance Director and County Attorney provided much more data, in writing, in response to the request – the Social Security numbers of all the cops and clerks of the agency. The county officials entrusted with vital records of county employees, including the sheriff’s deputies, enriched the requested material with the Social Security numbers for every employee, including Sheriff Tim Cameron.
Resisting the urge to email all of the data to NSA leaker Edward Snowden or to sell the information to a Nigerian banker, instead, the written records provided to THE CHESAPEAKE TODAY have been hand delivered back to the county attorney.
Ironically, the same request, for the name of employee, job title, annual salary and amount of overtime, in electronic form, was made to the St. Mary’s officials in 2011 and was promptly provided, without any extra and unrequested data – such as Social Security numbers.
The Public Information Request specified that the response be made electronically, just as it was two years earlier, to facilitate a digital report to readers of the newspaper.
The paper response, which was not requested, used nearly two hundred sheets of paper, in direct conflict with the Maryland Governor’s various Executive Orders dating back as far as 1991, such as: 01.01.1991.20 6/25/91 Conservation of Paper by Units of State 45 Government.
On April 28, 2014, Lt. Michael Gardiner sent an email asking for more time to prepare the information sought in the request.
“I am asking for an extension regarding the request for overtime of Sheriff’s Office personnel. The information has to be prepared by the accounting office and they advised me this morning that it is a time-consuming task as the data is entered by employee number and it does not differentiate between sworn and unsworn personnel. I apologize for any inconvenience this may cause you. I will forward you the information electronically as soon as it becomes available to me.”
Lt. Gardiner’s request for additional time was granted by THE CHESAPEAKE TODAY.
The request for the information regarding overtime came at the same time that the St. Mary’s County Commissioners were faced with large budget requests from the Sheriff’s Department. Disclosure of overtime information may have had a bearing on the budget approval sought by the Sheriff.
Therefore, as Lt. Gardiner is the “Supervisor of Office of Professional Responsibilities” and reports directly to the Sheriff, the responsibility for the illegal dumping of Social Security numbers cannot be laid solely on the doorstep of the County Finance Director, the County Attorney and the County Commissioners.
As St. Mary’s Sheriff Tim Cameron is a state official, indeed a constitutional officer of the state, his staff of clerks and cops are considered county employees and the agency is required by law to be funded by the county commissioners. Therefore, compliance with the state law requiring disclosure of public information to the public could be considered to have to adhere to Executive Orders of the Governor.
Of course, had St. Mary’s County’s Finance Director, Elaine Kramer or County Attorney George Sparling felt compelled to verify the data provided in the Public Information Request, they might have spotted the illegal distribution of employee Social Security numbers to the public. An electronic distribution, as requested for fiscal year 2011, was simple and but four columns, without intricate records of sick leave, annual leave, contributions to pension and FOP dues, worker’s compensation, Medicare contributions and so on.
St. Mary’s County is not the only government entity that makes illegal dumps of social security numbers. The Internal Revenue Service, indeed the very agency caught up in the scandal over illegally auditing conservative groups, the Office of Tax Exempt Organizations, reportedly did an electronic dump of over 100,000 social security numbers in a public information request to PublicResource.org. as reported in Human Events in 2013.
A bill was offered in Congress in 2013 which would require the truncating, or shortening, of social security numbers on written documents.
This press release was provided by the office of Congressman Dennis Ross: “U.S. Reps Dennis Ross (FL-15) and Kathy Castor (FL-14) introduced bipartisan legislation to prevent identity theft by uniformly truncating Social Security numbers on written documents. H.R. 2229, the Safeguarding Social Security Numbers Act of 2013 would mandate that Social Security numbers are truncated so that only a few, if any, of the nine digits of the Social Security numbers are visible.”
Incompetence in government reigns from sea to shining sea!
St. Mary’s County officials are not the only local government that is criminally incompetent in releasing massive numbers of employee social security numbers.
The City of Providence, Rhode Island, responded to access to Public Records Act request, as reported by Dan McGowan, News Editor of GoLocalProv., with the Social Security numbers of nearly 3,000 former employees of the city.
The request was sought for obtaining information about pension recipients and the publication reported: “The city’s legal team responded by e-mailing a .pdf file which listed every retiree, their retirement date, the date they began receiving a cost-of-living adjustment (COLA) and the amount they receive each month.”
When the news organization notified the city of the illegal release of Social Security numbers which the publication charitably called a “mistake”, and requested an official statement regarding the incident, they were instead met with a legal effort to obtain a restraining order to prevent the publication from disclosing the story to the public or ever being written.
A Judge didn’t have too much sympathy for the incompetent City lawyers and officials.
“Despite GoLocalProv explaining to the city both over the phone and through email that it never intended to post any retiree’s Social Security numbers, the city requested that all records be destroyed and asked that the website refrain from publishing anything regarding the document. In court, Assistant City Solicitor Kevin F. McHugh argued that the numbers posed potentially “irreparable damage,” to the city’s retirees, especially in a “9/11” world.
“GoLocalProv agreed that all documents should be deleted, but Judge Sarah Taft-Carter said she did not see sufficient justification to bar publication of a story–so long as no sensitive personal information was disclosed.”
“I know it’s embarrassing for the city,” Taft-Carter said. “But I’m not sure if that’s the standard.”
While the Judge made the right decision in that case, she might benefit from brushing up on the law and checking with the wonderful law firm of Levine Sullivan Koch & Schulz in Washington, D.C. who represented this writer in a successful First Amendment case, Rossignol v Voorhaar, in which St. Mary’s County, Sheriff Richard Voorhaar, Richard Fritz and six deputies were the defendants.
The City of Providence and unions were in the middle of dealing with the city’s $22.5 million deficit and freezing cost of living increases for retirees when the blunder took place.
The reaction from those affected was swift.
“But a lawyer and several retirees on Tuesday offered mixed opinions about the city mistakenly releasing sensitive information in a public records request.
“I’m sure it was done in error,” said Joseph Penza, the lawyer who represents the retired police officers firefighters.
“This had to be a terrible mistake, but I don’t want [a reporter] or anyone knowing my Social Security number,” one retiree said. “How could this happen?”
“I just hope [the city] lets everyone know what happened,” another retiree said. “You can never be too safe these days. I’d like to know how many people saw the document and why the Social Security numbers were there in the first place.”
Other former city employees said they were outraged. Former Mayor and City Council President John Lombardi and former union president Stephen Day, two outspoken critics of the current administration, demanded the city investigate the accidental release further.
“As a lawyer and a citizen, I feel this is a complete violation of my rights,” Lombardi said. “It’s an invasion of privacy. It’s unconscionable. [The pension records] are certainly public information, but not the Social Security number.”
Day said if the personal information for thousands of retirees fell into the wrong hands, it could be “Christmas for criminals.” He said an outside investigation should be conducted and suggested the city “pay for LifeLock or PrivacyGuard for every retiree” to make sure their personal information remains safe moving forward.
What recourse St. Mary’s County Sheriff’s Department employees will have in this matter remains to be seen.
GoLocalProv dug up these other recent events of negligence on the part of government officials:
“The accidental release of sensitive personal information in a public records request is not uncommon, although the amount of Social Security numbers provided by the city is significant. Last March, the Bloomfield Hills School District in Michigan agreed to purchase one-year ProtectMyID plans for 321 employees whose Social Security numbers were released to two individuals.
“In 2010, a New Jersey school district also released hundreds of Social Security numbers following a public records request.”
According to a Google search of the issue the incompetent and inept officials of St. Mary’s County, Maryland are not the only half-wits sitting on Social Security numbers of those who are either employed, retired or do business with government entities.
The Gazette Extra of Janesville, Wisconsin reported that the Social Security numbers of 758 persons and companies who do business with the City of Janesville had their numbers provided to Smart Procure, “a company that specializes in gathering purchasing data to seek new customers for their good and services and help them bid for government contracts.”
In the City of Janesville case, the city claims that only three employees of Smart Procure had access to the Social Security numbers.
Once again, LifeLock will be making profits due to the bungling of government bureaucrats.
The City of Janesville issued this press release, according to the GazetteExtra: “The city does not foresee any adverse effects occurring to any of the 758 vendors as a result of the inadvertent release of information. However, in an effort to provide peace of mind to those vendors whose information was released, the city is offering identity theft protection service through LifeLock free of charge for one year to any vendor electing to participate.”
Those who are used to the incompetence of the O’Malley and Obama Administrations and their screw-ups in Obamacare, V.A., Fast and Furious and the never-ending chain of scandals might take small pleasure in the bastion of liberal government, Berkeley, California, where on April 22, 2013, the City of Berkeley admitted that they had disclosed the Social Security numbers of every city employee, again, while responding to a Public Information Request from the media, according to Berkelyside.com.
On May 31, 2014 the Hurley Medical Center in Flint, Mich., disclosed to its staff that Social Security numbers of an “undisclosed” number of employees had been sent out in an email attachment to other employees, all during a health care billing process.
According to Mlive.com, Hurley released this statement: “Hurley has notified all individuals impacted by the disclosure, according to the release, explaining the details and providing a toll-free phone number to assist those who have questions. Hurley is also offering at no cost to impacted individuals access to identity resolution services through First Watch Technologies.”
On Aug. 30, 2013, THE CHESAPEAKE TODAY reported that an audit of the Maryland Comptroller’s office has found that one division has kept sensitive taxpayer information on a publicly accessible computer server for years. The Daily Record reports that the Office of Legislative Audits report made public Thursday found that the Revenue Administration Division kept more than 75,000 records on a server auditors feared could be compromised. Those records include Social Security numbers and taxpayers’ names. Auditors say lax security made records commonly sought by identity thieves vulnerable and it’s not the first time they’ve warned the division.
Legislative auditors reported a total of 10 findings, including four repeat violations by the division.
The comptroller’s office says most of the recommendations have been implemented and sensitive taxpayer data had been removed from that server.
In this case of Social Security numbers being released by the St. Mary’s County government in response to a public information request from THE CHESAPEAKE TODAY, no copies were made of the information and the only copy was returned to the County Attorney.
But since the reporter who reviewed the material has a photographic memory, should he ever be kidnapped and tortured, all the numbers will be disclosed.
In the event that the St. Mary’s County, Md. officials attempt to lie, obfuscate, distort or otherwise cover-up this disclosure of their criminal negligence, the following individuals can verify that the last four digits of their Social Security numbers which were revealed in the release are authentic.
Sheriff Tim Cameron: 3544
Civilian Administrator Brian Eley: 7197
Major John Horne: 4174
Capt. Daniel Alioto: 1307
Capt. Edward Willenborg: 5005
Capt. Steven Hall: 1866
Capt. Michael Merican: 8071
Capt. Terry L. Black: 3130