MNCOGI board member and spokesperson Don Gemberling was featured on “Almanac at the Capitol” on January 30. Mary Lahammer’s interview with Don (which begins at 18 minutes, 20 seconds into the program) was part of a segment on data privacy concerns at the Capitol. Hear Don’s comments about the importance of training in state and local government to avoid privacy breaches. He also mentions the possibility of creating a statewide commission to deal with ongoing complex issues of data practices and government access.
Author: mncogi
Minnesota Legislature – Data Practices bill Feb 11
The following Data Practices-related bill will be introduced in the Minnesota State Senate on February 11, 2013:
SF No. 385. LPR data to be classified as “confidential” or “protected nonpublic” data if either a vehicle, its owner, or an occupant is the subject of an open criminal investigation.
Other LPR data must be destroyed if it does meet the criteria above, or else destroyed at the time that an active investigation is closed, if charges are not filed. Law enforcement agencies using LPR devices must maintain a log of the locations of their LPR units, the times of day when those readers collect data, and the aggregate number of vehicles/plates recorded. All such “log” data is to be classified as public data.
Minnesota Legislature – Data Practices bills introduced Jan 28-Feb 7
The following bills relating to the Minnesota Data Practices Act were introduced in the Minnesota Legislature between January 28th and February 7th, 2013:
HF No. 183 The responsible authority of a government agency shall establish procedures to ensure that data on individuals is accurate, and to establish safeguards for data access. Criminal penalties are established for unauthorized access to data; notice and reporting provisions are established.
SF No. 211 The responsible authority of a government agency shall establish procedures to ensure that data on individuals is accurate, and to establish safeguards for data access. Criminal penalties are established for unauthorized access to data; notice and reporting provisions are established.
SF No. 210 LPR data is classified as “private data on individuals” or “nonpublic data.” LPR data must be destroyed within 24 hours unless the data identify a stolen vehicle, a vehicle owner in warrant status, or the data are active investigative data.
MNCOGI has taken a public position regarding the status of LPR data. Find out more on our 2013 Legislative Issues page.
Health Care Exchange bill reviewed
On February 5th, the House Data Practices subcommittee reviewed several of the Open Meeting Law and Data Practices provisions of HF 5, the House version of the enabling legislation for the Minnesota Health Care Exchange.
Several days earlier, during a February 1st public hearing, the language of the bill drew criticism over a lack of specificity regarding data protections and/or data sharing. During that hearing, MNCOGI Board Member Don Gemberling testified about issues in the bill’s data provisions, and offered assistance to the Data Practices subcommittee to rework the language.
Rich Neumeister’s Open Secrets blog has a summary of recent activity with the bill.
E-mail bill to get Senate hearing
On January 29, 2013, the Minnesota Senate Judiciary Committee will take up SF No. 60, a bill that proposes to make citizen e-mail addresses submitted to government entities “not public” data under the Minnesota Data Practices Act. Such information includes e-mail addresses submitted for snow-plowing and other types of notification.
Last week, the House Civil Law Committee heard testimony from the author of the House companion bill, and referred the matter to the body’s Data Practices sub-committee for further deliberation.
The House version of the bill (HF No. 20) was amended last week to remove language that allowed e-mail addresses to be shared for “government purposes.”
MNCOGI has taken the position that e-mail addresses submitted for notification purposes should remain public data, but that government entities should notify citizen submitters that their data will be publicly available under the Data Practices Act.
Minnesota lawmakers propose safeguards against misuse of government databases
http://www.twincities.com/localnews/ci_22436545/minnesota-lawmakers-propose-safeguards-against-misuse-government-databases
Minnesota lawmakers propose safeguards against misuse of government databases
By Kyle Potter
Associated Press
Updated: 01/23/2013 08:14:37 PM CST
Sens. Scott Dibble, DFL-Minneapolis, and Rep. Mary Liz Holberg, R-Lakeville
A week after more than 5,000 Minnesotans found out that a Department of Natural Resources employee had looked up their driving or motor vehicle records, state lawmakers Wednesday announced their plan to curb abuse of databases.
Sen. Scott Dibble, DFL-Minneapolis, and Rep. Mary Liz Holberg, R-Lakeville, outlined a bill that would require all state and local government agencies to establish better safeguards against database misuse and calls for harsher criminal penalties for violators.
Holberg said the breach at the DNR underscored the need for an overhaul of how government handles its data on Minnesotans.
“We’re just really frustrated that this is continuing to happen,” Holberg said. “This situation has to stop.”
The bill would increase the penalty for repeatedly abusing a database from a misdemeanor to a gross misdemeanor.
It also would require all government entities to post an investigation on the Internet, detailing what data was accessed, how many people were affected and naming who was responsible.
Holberg and Dibble’s bill would apply to local government and law enforcement as well. Current law only governs state agencies.
Investigations have found that misuse of the state driver’s license and motor vehicle database is common. Minneapolis, St. Paul and more than 10 other municipalities have paid out $1 million combined in settlements to a former area police officer who accused other officers of improperly accessing her driver’s license information.
It’s especially troubling that databases are being abused “by public safety employees whom we trust with sensitive information,” Dibble said.
Dibble and Holberg said they’ll consider recommendations from the legislative auditor, who is expected to release a report next month on how law enforcement uses state databases.
“I think everybody recognizes that we don’t have the proper systems and procedures in place,” Holberg said.
House Civil Law Committee to hear HF 20 on January 22
The Civil Law Committee of the Minnesota House of Representatives will hear testimony related to HF 20, Representative Freiberg’s bill relating to e-mail addresses submitted to governmental entities for “notification or informational purposes.” HF 20 would make such data “private data on individuals.” Currently, such data is public.
The committee hearing is scheduled to begin at 8:15am in the basement hearing room of the State Office Building.
Minnesota Legislature – Data Practices bills introduced January 16
SF No. 43 – The bill would amend Chapter 13 so that “Government data of a political subdivision on requests for notices of services or activities of a political subdivision” would be “private data on individuals or nonpublic data.”
SF No. 60 – The bill is the Senate companion to HF No. 20. The bill proposes to keep e-mail addresses submitted to government entities “not public.”
Minneapolis seeks LPR data classification
The City of Minneapolis is asking IPAD, the office with the Department of Administration that reviews Data Practices issues, to issue a temporary classification for License Plate Recognition (LPR) data. The data, which consists of millions of police scans of vehicle plates captured by squad car-mounted cameras, is currently available as public data under the Minnesota Data Practices Act. Minneapolis is seeking to have the data temporarily classified as “not public” in anticipation of more comprehensive action by the Minnesota Legislature.
The legislature is expected to take up questions of LPR retention and classification during its 2013 session. MNCOGI will be presenting its perspective on LPR data issues at its January 28 public forum.
Minnesota Legislature – first Data Practices, Open Meeting bills
The Minnesota Legislature convened on January 8, 2013. The following bills were introduced on January 10th. Each has some bearing on Data Practices and Open Meeting issues:
HF No. 5, Establishing a Minnesota insurance exchange
HF No. 5 creates a board to direct the function of the insurance exchange. The bill contains provisions which would exempt certain board discussions (contract negotiations, personnel matters, trade secret information) from the Open Meeting law.
SF No. 1, Senate companion to HF No. 5, with similar provisions
HF No. 20, Classifying e-mail and telephone data
HF No. 20 would classify e-mail and telephone information provided to government entities for notification purposes (snow plowing, etc) as “private data on individuals.” This data is currently public data.
HF No. 42, Subjecting certain DNR/tribal meetings to the Open Meeting law
HF No. 42 would subject meetings involving the Department of Natural Resources, Ojibwe bands, and the Great Lakes Indian Fish and Wildlife Commission to the Open Meeing Law.