In 2013, Amy Krekelberg received an unsettling notice from Minnesotas Department of Natural Resources: An employee had abused his access to a government drivers license database and snooped on thousands of people in the state, mostly women. Krekelberg learned that she was one of them.
When Krekelberg asked for an audit of accesses to her DMV records, as allowed by Minnesota state law, she learned that her information—which would include things like her address, weight, height, and drivers license pictures—had been viewed nearly 1,000 times since 2003, even though she was never under investigation by law enforcement. In fact, Krekelberg was law enforcement: she joined the Minneapolis Police Department in 2012, after spending eight years working elsewhere for the city, mostly as an officer for the Park & Recreation Board. She later learned that over 500 of those lookups were conducted by dozens of other cops. Even more eerie, many officers had searched for her in the middle of the night.
Krekelberg eventually sued the city of Minneapolis, as well as two individual officers, for violating the Drivers Privacy Protection Act, which governs the disclosure of personal information collected by state Departments of Motor Vehicles. Earlier this week, she won. On Wednesday, a jury awarded Krekelberg $585,000, including $300,000 in punitive damages from the two defendants, who looked up Krekelbergs information after she allegedly rejected their romantic advances, according to court documents.
“I think that the jurys verdict shows that people do take privacy quite seriously and that they take womens privacy seriously,” says Sarah St. Vincent, a surveillance and national security researcher at Human Rights Watch who attended the trial. She is studying similar cases across the country.There have been dozens of lawsuits against Minneapolis and other Minnesota cities in recent years over alleged abuses of license databases. Most of the cases were settled out of court or dismissed; Krekelbergs is the only one to have gone to trial. Two of Krekelbergs lawyers, Sonia Miller-Van Oort and Jonathan Strauss, say that their client suffered harassment from her colleagues for years as the case proceeded, and that in at least one instance, other cops refused to provide Krekelberg with backup support. She now works a desk job.
“We are disappointed in this verdict, but the city takes very seriously the importance of data privacy,” says Susan L. Segal, the Minneapolis City Attorney. She stressed that the police departments policies have changed in recent years. Minneapolis employees are now required to enter a reason when they search DMV records. Previously, to learn to use the database, officers were encouraged to “go back to work and look up some of [their] friends and family members,” says Segal. “There was not this awareness.”
Minnesota did have at least one rare accountability measure in place: It kept a log of when the DMV database was searched, and citizens have the right to request their file. Without that digital trail, Krekelberg likely wouldnt have had the evidence to bring a case. In many other states, similar protections dont exist, even for more advanced technologies, like facial recognition software. Policies can differ greatly between police departments, says Kade Crockford, director of the Technology for Liberty program at the ACLU of Massachusetts. “Theres virtually no uniformity,” she says.
That makes it difficult for citizens to know when their information has been improperly accessed by the government, which happens not infrequently. A 2016 investigation by the Associated Press found hundreds of instances where law enforcement officials misused confidential databases for personal purposes, like to dig up dirt on romantic partners, neighbors, and journalists. One Ohio officer ran checks on his ex-girlfriend, and pleaded guilty to stalking her. Two Miami-Dade officers looked up a reporter who published negative stories about their department.
“I was a trooper for a long time and it was a common practice for troopers to run someones name through the [Massachusetts criminal record] system for reasons besides law enforcement,” Michael Szymanski, a former state trooper who was disciplined for abusing a police database, told CommonWealth Magazine in May. “I cant tell you how many times I saw troopers run their next-door neighbor through [the systeRead More – Source
[contf] [contfnew] 
Ars Technica
[contfnewc] [contfnewc]
