Personal Information For Sale: State Sells Citizen’s Info For Profit
Personal information leaks are not uncommon and often result from data breaches or employee negligence. However, in one state, a government office sold citizens’ information for profit without their knowledge or consent. This breach of privacy was a deliberate act and caused harm to the affected individuals.
When you visit the Bureau of Motor Vehicles (BMV) in Indiana, you are required to provide basic information such as your name, address, and age. However, this information is not meant to be sold to a third party without your consent. Unfortunately, an investigation has uncovered that the BMV has been selling personal and sensitive data of Hoosiers to third-party buyers, generating almost $26 million in profits in the past year and hundreds of millions more in total. Shockingly, state lawmakers have not taken any significant measures to cease this fraudulent activity.
Indiana law allows this to happen, even though most citizens aren’t aware of it. Fox59/CBS4 reported on the practice back in November 2021, but it is still taking place. Some people have noticed and notified State Senator Rodney Pol of their grievances with the operation.
“I’ve heard from Hoosiers across this state that have followed your stories,” said Pol. He added that he has introduced legislation that would give the citizens of Indiana a choice on whether their personal data was sold or not, but in 2022 and 2023 the bills never even received a committee hearing.
According to Pol, selling personal data has become a profitable business for the state. In fact, they have included it in their state budget. A report released this month estimates that the agency earned $25.6 million from the sales last year. The report also highlights that the money generated from selling personal data is used to fund various expenses at the agency’s branches, including salaries, lease payments, security, utility charges, and the purchase of new technologies.
In the last decade, the government of the state collected over $250 million by selling personal information of the BMV customers without their knowledge. Curtis Hill, who is running for governor and is a former Attorney General, has promised to sign an executive order against the sale of personal data by government agencies, including the Bureau of Motor Vehicles (BMV), if elected.
In an op-ed written for the Daily Caller, Hill wrote this:
“Over the past 10 years, the state has collected in excess of $250 million from the BMV selling customer personal information, and most Hoosiers had no idea.
As attorney general for Indiana, I was proud to stand up to criminals who profit from identity theft and data breaches. I took civil actions against a number of private companies — including a lawsuit against Equifax for a data breach that affected 3.9 million Hoosiers. We settled with Equifax for nearly $20 million.
The sale of private, personal data by the government is an egregious breach of trust. We are only now learning exactly how much money the government has made off our data over the years, and it gets more startling by the day.
During several recent speaking engagements, I have brought up the BMV’s racket. Audiences are shocked at first, and then angry at the prospect of their state cavalierly selling off their data.
How is this any different from a data breach at a private company that puts millions of Americans at risk? Once this private information is sold and out of the government’s hands, there is no accountability for what happens to the data or where it goes.
At a time when the threat to our national security is at an all-time high and artificial intelligence (AI) is being used to maliciously manipulate the truth, Americans deserve to know that their government is protecting them, and they certainly deserve to know their government is not actively making things worse just to make a buck.
Your privacy and peace of mind should not be sold. You and your families should not be put in graver danger by a state agency’s reckless and uncaring policies.
In Indiana, our Republican governor and Republican-led general assembly are ignoring the privacy interests of hardworking Hoosiers. They are getting drunk on dollar signs — intoxicated by the prospect of how much money can be made by sticking it to the citizens they are supposed to serve.
This is not an issue Republicans should be surrendering to our political opponents. We should not be leaving it to Big Government Democrats to write the legislation that would stop government misuse of our private data.
I’m running for governor, and when I’m in the office, I will sign an executive order on day one prohibiting the Bureau of Motor Vehicles and all other state agencies from selling the personal, private data of Hoosiers without their consent.”
It’s concerning to think about how many other states might be engaging in similar activities. What stands out to me is the hypocrisy of states that punish those who violate data privacy laws and sell information, but then turn around and do the same thing themselves.
It’s another example of the government abusing its power and another reason for citizens to understand that what they don’t know can hurt them.