Criminal Data Privacy
Many individuals with criminal records often wonder whether privacy laws can actually do anything to help them clear their past mistakes. Personal data, in particular criminal data relating to convictions and other arrest, seems shockingly available by websites offering a public access system for little cost and sometimes for free.
Even media coverage of law enforcement investigations centered on a private individual can raise anybody’s eyebrows as we see booking photos or arrest videos on our screens within hours of a sensitive incident.
But criminal privacy laws do exist in many forms–and when combined with good legal technology, they can be used effectively to provide real privacy to those who need it most.
How Companies Buy and Sell Your Criminal Justice Information
Companies who buy and sell criminal data are allowed to operate in the US despite numerous privacy laws against criminal record disclosures because they are considered to be consumer reporting agencies.
Consumer reporting agencies are allowed to collect, use, and disclose consumer information for a variety of purposes, which includes providing information to businesses and individuals who have a legitimate need to search for the information.
How Criminal Data is Collected
Law enforcement agencies are the first source of arrest information and companies that do business in brokering criminal justice information either obtain contracts or are allowed access to the departments system.
From there, processing arrest data with what eventually becomes charging data in court isn’t that difficult for entities that operate within the criminal justice system. Once a case is filed, hundreds of criminal data companies may obtain that information and control the services they provide with those digital records.
The final stage is the most complex, because the criminal data ecosystem is a very elaborate web of private companies that broker data about the criminal justice system and the defendants whose records they manage.
For the past few years, new people search engines have crept into the space that was traditionally reserved for criminal data companies–which has brought a new level of concern for any individual who fears that the laws provide too much access to very sensitive and private information.
New laws could provide some solutions–but that may not be enough.
The better way to bring peace of mind is through legal technology built with privacy as its purpose.
Public Data = Public Access
Essentially, the data relating to arrests and convictions are considered public records. Many reasons exist for why criminal justice information is treated this way. Namely, as citizens who live in complex communities, we have a right to know about the transgressions of public offenses that occur near us or can somehow effect our safety.
This, of course, comes with risk when those who obtain information about very private matters misuse the data. Any incident related to a crime is clearly sensitive in nature.
If it’s Public, then how can it be Private?
Companies with access to court records and criminal data relating to arrest and charge information are subject to specific privacy laws that are passed for the protection of defendants.
Both U.S. and state specific privacy laws apply to criminal records where someone’s employment, housing, and collateral rights (such as professional licensing) are affected by the disclosure of criminal information data. The largest protection afforded to defendants is the category of non-conviction data (which may include dismissed or diverted cases or arrests that were never filed).
The ultimate challenge is to offer a unique solution that provides real results in the complex world of the criminal records data industry.
Because what can be collected may not always be open to disclosure. For most, that is the specific kind of privacy that an individual seeks in this context.
To understand this on a more granular level, it helps to know a bit about how criminal data is treated differently than any other kind of consumer data.
Is Personal Data the same as Criminal Data?
To put it simply, there is no real difference in the way that personal data and criminal data are treated under US laws. The main distinction is that personal data is generally considered to be any information that can be used to identify an individual, while criminal data is any information that pertains to an individual’s criminal history–no matter how sensitive. Therefore, the manner of control and disclosure are central to this subject and how privacy protection are applied.
The relative risk associated with personal digital data relating to debt, purchases, location, address, age, and general identifying features can be extremely different than the risk that companies can create with investigations related to convictions or evidence of defendants criminal record privacy.
The issue of consent and more specifically the access to information collected on defendants related to arrests, charges, and convictions can subject those dealing with the information to serious liability.
Therefore, it would help to explain the process in which private individuals who suddenly become defendants in law enforcement investigations find their data augmenting their privacy rights as it is being collected.
How Law Enforcement Agencies Generate Criminal Data
Stage One: Data from Police Departments
The most obvious example of where companies obtain criminal justice system data relating to arrests falls squarely into law enforcement agencies. Police departments and sheriffs departments create and report on a never-ending treasure trove of criminal events. Any type of booking or investigation can be a matter of interest to the media as well and even if sensitive–are legal for the purpose of processing a person during arrest.
Depending on the context, one can see that defendants do not have to consent to their data being released by law enforcement since the rules at this stage are not focused on privacy, but on public safety as well as the public’s right to know.
When police are processing defendants in the course of their duties, they will include incredibly sensitive data, such as: the evidence, risk factors, appropriate charges, identifying information, security, and the level of disclosure to prosecutors. All are primary factors in the data that gets generated from the departments report of the incident. The purpose behind this is to render accurate and complete investigations and afford the prosecution competent evidence related to the defendant.
Stage Two: Data From Police Department to Prosecutors Office
Agencies prepare the final report for submission to the prosecutors office in physical form but also digital form. Witnesses and their data are included in the report, along with: (i) the relevant statute, (ii) measures taken in the investigations, (iii) related offences, (iv) purpose behind offences, (v) search warrant information, (vi) individual data relating to the defendants, (vii) evidence collected, (viii) health information, (ix) laws violated, (x) process of examining witnesses, and (xi) whether protection orders are necessary.
As prosecutors review the report, the information they consider in filing charges can be complex, including: the laws affecting the offences, the laws affecting the evidence, notice to the defendants or witnesses, related cases, prior convictions, and more specifically the risk to the public on account of the ultimate decision of the prosecution.
Stage Three: Court Filings and Court Records Repositories
Processing this information could then trigger either formal filing in court or subject the defendants to an otherwise official statement that charges will not be filed. Whichever proceedings are chosen, data or information about the offences is created.
Competent administrators at either the police department level or prosecution agencies will see to it that sensitive digital information about the defendants are handled an appropriate ways with proper legal control (SSN’s, DOBs, Address information, etc.). Specific authority rests in the law enforcement agencies hands to issue a detention only notice as well as taking the appropriate measures of notifying defendants and witnesses of the filed charges and court date.
Where cases are not filed (if it serves the interests of justice), a record of non-prosecution will be generated and retained for private use or so that the government could otherwise search for the defendant in subsequent offences and investigations (depending on the legal context relating to its storage).
How Criminal Record Data Companies Obtain Law Enforcement Data
The rules or law associated with what data law enforcement can access or control on a person are far more liberal than the data that can be published or disclosed by non government agencies. The monitoring of this data carries some security and protection from misuse–but rarely reported on by regulatory bodies.
Booking data composed at the time of a defendants processing is considered semi-public record, and is individually gathered by runner services who provide data services to others. These services take form of system access via proprietary gateways or restricted use databases.
Similarly, prosecution filings as they stand in the form of unstructured data relating to criminal events can be extracted by the final product via court access portals and bulk data contracts. Each courthouse will carry varying degrees of access and large-scale acquisition. The rules set aside for the media and interest to public persons often deviates from those within the information services ecosystem.
Once the unstructured criminal data is embedded in the acquiring agencies chosen system, the remainder of its distribution will depend on the management system used and the integrations of their vendors and customers. A person acting as an ordinary individual that seeks the same data may do so on an administrative level. However, information and criminal data services typically flood the market to make it far more accessible to individual users wishing for one-off transactions.
What Allows Criminal Record Disclosure?
A person could comb the many complex privacy laws governing criminal record disclosure in each state and find it astronomically painful. Legislative protection given to a person with a criminal or prosecution history often falls into dozens of overlapping codes in statute, ranging from employment rights, housing law, authority given to media, government records, and consumer rights. The fact that the criminal data could be sensitive carries very little relevance.
The Importance of Convictions in Criminal Record Privacy
It cannot be overstated, that when it comes to conviction records, almost every state statute and U.S. law will allow access and consideration of that data as being relevant and publicly accessible for employment, housing, and licensing purposes. For those with very recent convictions (within 3 to 7 years) who must clear those events from their criminal records–it is highly advised to seek a competent attorney to find a more aggressive means of post-sentencing relief. Many states offer statutory measures that could streamline ones criminal privacy given the right circumstances.
For those with convictions where more than seven years have passed, the laws seem to afford defendants greater allowance in non-publication of those records. However, even those with convictions that remain on their records may find protection against discrimination on their side.
In California, recent legislation prevents many employers from considering conviction history as a basis to deny employment unless a conditional offer has been given and that an individualized assessment as to the applicants history has a direct or adverse relationship with the duties of that job. To learn more, you may want to read further on the Fair Chance Act (Cal. Gov. Code §12952).
Where defendants will find the most protection from unnecessary disclosure will be in the form of non-conviction data relating to criminal record history.
The definition of non-conviction criminal history records could vary from state-to-state. But the simplest example is that of (a) arrests that did not result in prosecution, (b) charges that were dismissed or diverted, and (c) convictions that were reversed or subsequently dismissed.
Both at the federal (U.S.) and state level, records that did not result in a conviction (or were reversed through statutory measures such as expungement or clean slate) cannot be disclosed, used, or reported on to third parties seeking background checks during job or housing screens.
The rules are complex depending on the jurisdiction or individual involved. However, publication or disclosure of arrests that were not charged or of criminal cases that were dismissed/diverted are violations of privacy and carry significant consequences to those processing the data relating to the generated reports.
There are also very tailored state statute and federal regulations that serve as “privacy acts” which may apply to many individuals specifically in the context of disclosure of data relating to criminal histories. For those with interests in learning more, the media unfortunately glosses over the intricacies.
The purpose of this article is to shed more light on these rules so that defendants can see that their embarrassing personal data has some protection and that the process to privacy could be better than some thought.
What kind of Privacy Act Affects Criminal Data Consumers?
If you search for “privacy act” in any online engine, you will generate dozens of variations in the US and state-level legal systems that claim to be the Privacy Act authority for citizens.
The biggest problem when it comes to any privacy act, however, is that that are typically specific with the privacy that is meant to be associated with a very particular subject matter.
Therefore, its best not to rely on a privacy act that pertains to consumer data rather than criminal justice information. These often come in the form of various statutory titles–whereas some don’t have any corresponding names to go along with the law.
Nevertheless, there are other alternative laws that operate as a “privacy act” for criminal justice data.
California Information Practices Act (CIPA)
The California Information Practices Act (CIPA) prevents the disclosure of criminal records by prohibiting the release of personal information without the consent of the individual involved.
This law is often referenced when a background check will be conducted on an applicant and requires the individual to provide consent that such a screening is authorized. You may also see a similar privacy act in various contexts when it comes to medical information or victim privacy rights.
California Public Records Act (CPRA)
Similarly, the California Public Records Act (CPRA) prevents the disclosure of criminal records by requiring that all records be open to the public, except for those records that are exempt from disclosure. Exempt records are non-convictions and sealed or expunged cases. This privacy act broadly defines many aspects of public record definitions and rights within the state. The media often relies on the provisions of this law to obtain defendant details in law enforcement investigations in order to report criminal cases in the news.
There are even more specific statutes that act as a privacy act when it comes to background check screening practices.
California Petition to Set-Aside Conviction (aka: Expungement)
Although the word “expungement” is a creature of statute (meaning, it depends on what state is defining the term), it can be used a general phrase to reverse convictions and dismiss criminal cases. In California, when a court grants such a petition, the conviction cannot be reported on a background check absent very specific exceptions. For decades, this was the most useful and largely the only privacy act available to those with criminal records.
This law has been recently bolstered by the recent passing of legislation that allow many criminal records to be automatically expunged (if eligible) that would no longer require defendants to go through the trouble of filing a petition to the court. In this sense, it is one of the most prevalent and useful privacy act available in the state.
Similarly, recent legislation from 2017 made it possible for an individual that was arrested and never prosecuted to petition the law enforcement agencies or courts to seal the records of arrest from disclosure. Just like California’s automatic set-aside expungement scheme, eligible arrests can also be sealed. This combination makes a very powerful privacy act for Californians as a model example and has already triggered legislation in other states as well.
There is a strong argument then, that this kind of personal data is where privacy applies and the laws support it. It should also be noted that there are many more statutes that give protection to consumers and defendants under Labor Codes and various information privacy rules. You can read more about these law in greater detail here.
How You Can Achieve Privacy with a Criminal Record
The RecordFixer App was Built to Make Criminal Records Private
The RecordFixer app provides the best combination of law and technology to those seeking privacy to the sensitive data in their criminal records.
The system of laws provided to serve individuals who were once defendants can be complicated to navigate. But that doesn’t matter anymore.
Through a proven and competent digital process, a person who wishes to close the door on the personal information related to criminal court, investigations, police records, and the companies that manage this data may finally do so.
To get started in your journey to privacy, click here.