Minnesota Police Officer Awarded $585,000 in Data Privacy Violation Case

the creep(y cops) level of this is concerning, but 1000x in 10yrs, I can only imagine the woman so stalked is gorgeous as, otherwise wtz? prevention of sexual harassment and how to not be a creeper training is needed at that dept (and everywhere else doing this BS unauthorized (and likely illegal) database diving for personal info on that sexy/sinister/snarky/suspicious etc person of “interest”.

I got this from SANS Institute, newsbites newsletter, a good one if you’re into email for such current computing security (privacy to lessor extent) topics. Left their comments in to give a bit of insight on the mailing, they generally have a decent side-attack perspective and appreciation. Been with SANS since the old internet storm center beginning days, reliable voice, professional organization, excellent cyber/infosec info and training, etc. (i’m not a paid shill, lol…


Minnesota Police Officer Awarded $585,000 in Data Privacy Violation Case
(June 21, 2019)
A jury has awarded a Minneapolis, Minnesota police officer US $585,000 in a case involving violations of the state’s Driver’s Privacy Protection Act. In 2013, Amy Krekelberg learned that her DMV records had been accessed nearly 1,000 times over a 10-year period. Krekelberg, who was never under investigation, sued the city and two police officers who had accessed her information. Minneapolis city attorney Susan L. Segal said that in the past, officers had been encouraged to learn how the DMV database worked by looking up friends and family members. The rules have since changed and officers are now required to enter a reason for searching DMV records.

Editor’s Note

[Neely]
Broad access to records, particularly with permissions granted by the US-PATRIOT act, need to be moderated by requiring probable cause. While exercising searches are needed to learn how to use these resources to find necessary corroborating for cases, practice searches need to be performed with permission. Want to know is not need to know; the need to access the information must be genuine. Additionally, having records of those access that can be requested by the public is necessary to verify the searches are authorized.

[Honan]
Another story to show the “nothing to hide, nothing to fear brigade” on how the misuse and abuse of personal data can impact on an individual.

Read more in: