Frequently Asked Questions
Protecting Utahn’s Privacy
Representative Judy Rohner: Personal Identifying Information in Government Records
Prepared by Ronald Mortensen, Ph.D., FSO (retired)
Last Updated 1-3-24
· Three Fundamental Questions (Questions 1 – 3)
· Components of PII and Medical Information (Question 4)
· Information that the State to Collects on Us with our Legislator’s Approval (Questions 5 – 7)
· Legislators Authorize the Sale/Sharing of our PII and Medical Information (Questions 8-16)
· Legislators Fail to Address the State’s Widespread Data Privacy Problems (Question 17)
· Solution: Representative Rohner’s bill Makes Our PII and Medical Information Private by Default (Questions 18-24)
· An Example of Legislators Putting Us in Danger and Denying Us a Fundamental Right: Sale of the Voter Registration Database (Questions 25-30 )
Three Fundamental Questions
1. Why do Utah legislators have a special responsibility to protect our personal identifiable information (PII) and medical information that is collected and maintained by the state?
Unlike private sector entities, legislators grant state entities a monopoly over the services they provide and allow them to use the force of law to obtain our most sensitive PII and identifiable medical information, including our DNA.
This data collection begins before we are born and continues after our deaths. Over the years, the state collects our information when we obtain services that only the state provides such as birth certificates, drivers licenses, marriage certificates, voter registration, professional licenses, death certificates, food handler permits, etc. In addition, the state Department of Health administers the All-Payer Claims Database which includes our identifiable medical, dental and pharmacy insurance claims complete with diagnostic codes and it collects newborns’ blood and DNA.
Furthermore, the state maintains all of our PII and medical information in multiple databases and when information in these databases are hacked, sold or shared it puts literally millions of us at risk of everything from identity theft to violence from those who would track us down to do us harm to discrimination based on our medical histories.
Therefore, given the amount and extremely sensitive nature of the personal and medical information that the state has on each of us, legislators have a special responsibility to protect us from the harm that occurs when this information is lost or when it is shared or sold for purposes not directly related to that for which it was originally collected.
2. Is it our state Representatives’ and Senators’ role to protect our information or to make it widely available without first obtaining our authorization to do so?
A review of the state’s handling of our PII and medical information shows that legislators have defined the state’s role as primarily collecting, sharing and/or selling our PII and other information rather than as protecting it. This was confirmed by a legislative audit which found that “State agencies’ current data collection and sharing practices create data privacy risk” and that:
· Data sharing among agencies and with third parties is widespread, increasing data privacy risk in Utah.
· Data is shared between divisions in the same agency, between different state agencies, with external entities like universities and non-profit organizations, with federal government agencies, and with third-party vendors.
3. Why is our PII and medical information so valuable?
In today’s world data is the new currency. This means that there is a huge demand for our PII and medical information that is maintained by the state. For medical researchers, the access to the PII and health records of millions of Utahns held by the state can help make professional careers and even lead to discoveries worth billions of dollars. For political operatives, access to voters’ information helps fuel a billion dollar industry.
Enemies of the United States, including China, who can access the state’s vast collection of medical records including DNA and the PII of Utahns, both legally and illegally, can then use AI to correlate this with other data they have on us and this poses a national security threat according to a former general counsel at the National Security Agency. In many cases, China or others wishing to do harm to Utahns can simply purchase our information from the state under Utah’s current legislation. For example, the information of all Utah registered voters can be had for $1,050. Alternatively, Chinese nationals conducting research at Utah’s major universities can collect and transmit highly sensitive medical information used in their research projects back to China.
According to a CBS 60 Minutes report, “The concern is that the Chinese regime is taking all that information about us…and then combining it with our DNA data. With information about heredity and environment, suddenly they knowmore about us than we know about ourselves and, bypassing doctors, China can target us with treatments and medicine we don’t even know we need” [or with highly targeted diseases as a new form of warfare].
Components of PII and Medical Information
4. What are the key components of our PII?
PII includes all of the following because with AI it only takes one or two of these elements to identify us.
a. first name, middle name or initial, last name
b. maiden name
c. alias, nickname, or other name used in childhood
d. photograph or image,
e. social security number,
f. medical or disability information,
g. date of birth,
h. place of birth,
i. mother’s maiden name,
j. address,
k. telephone number,
l. personal characteristics (height, weight, eye color, etc.)
m. gender,
n. driver’s license number,
o. passport number,
p. identification number,
q. credit card number,
r. financial account number
s. DNA
Information that the State to Collects on Us with our Legislators’ Approval
5. How do state entities obtain our PII and medical information?
As noted above, state entities obtain our PII directly from us when we apply for services only offered by the state and they also require private entities, such as health insurance companies to give it to them.
6. Do our legislators limit state entities’ ability to collect our information to the minimum amount that is specifically needed to accomplish the purpose for which the information is being collected?
No. As we learned from news reports, the Utah Department of Health was demanding additional information beyond what was required to issue a birth certificate for research and other purposes. While that hole has ostensibly been plugged, it is still not uncommon for state entities to collect far more information on us than what is required for the service being provided.
7. What health information do our legislators allow the state to collect on us?
A better question may be “What health information don’t our legislators let the state collect on us?” The state has databases that show, by name, all of our doctor and dentist visits complete with diagnostic codes when these are covered by insurance. In addition, it has our identifiable hospitalization and pharmacy records. The state also maintains a cancer registry, a registry of fetal deaths, an autism registry, the Utah Statewide Immunization Information System (USIIS), newborn blood samples, etc.
8. Why do legislators approve the sharing of our PII and medical information for purposes other than for which it was originally collected?
Legislators frequently place what they deem to be the “greater good” ahead of our right to control our PII and medical information. They also all too readily cave in when private and academic interests demand access to information that the state possesses.
One thing that legislators do not do is to ask for our permission before selling or sharing our PII and medical information for purposes other than for which it was originally collected. For example, we give tons of our personal information when we get a drivers license in order to comply with the Real ID act. The Drivers License Division then gives our information to the University of Utah to assist with medical research and to a non-governmental organization (NGO), the Electronic Registration Information Center (ERIC).
9. When our PII and highly sensitive medical information is shared by the state entities that collect it, do our legislators require that we be informed of the transfer and that our authorization be obtained before the transfer takes place?
No—with only very limited exceptions.
10. How do our legislators ensure that our PII and medical information that is shared or sold by the state is properly protected once it leaves the state’s custody?
They don’t.
Voter information given to ERIC is not monitored by either state or legislative auditors or by the state’s CIO. In addition, the state Elections Office is unable to say who, if anyone else, ERIC has shared our voter registration and drivers license information with. In fact when the Elections Office was asked who ERIC shares our information with, its response was “This question will need to be directed to ERIC.”
Candidates receiving our voter information with our year of birth are never audited to ensure that the PII they receive is properly used, protected or disposed of even though unlawfully obtaining and/or misusing a voter’s year of birth is a Class A misdemeanor (Utah Code 20A-2-104).
When Whistleblowers report the misuse of PII and highly sensitive medical information, the Utah Attorney General’s Office defends the accused and the state takes no action to hold those responsible for the misuse accountable. In fact, under the system established by our legislators, the Whistleblower is often is the target of retaliation by the state’s agents.
Even when, during an investigation into the misuse of sensitive medical information, a senior state Health Department Official tells the police that “everything is shared including all of the identifiers of each individual listed in the registry” nothing is done—the “registry” being the Utah Registry of Autism and Developmental Disabilities. See Salt Lake City Police Department Report GO# SL 2022-27775, Narrative Text Mar-09-2022 14:42.
11. Well, at least our legislators make sure that the information the state collects remains totally under the state’s control on state servers and doesn’t allow it to be posted on any other servers that it has no control over, right?
Wrong!
For years, the Drivers License Division has given our driver’s license information to the University of Utah where it is maintained on the U’s servers. The legislature eventually made it possible for those of us who are aware of the issue to opt out from having that information given to the U. In addition, the state Elections Office gives the entire drivers license database to the non-profit, ERIC. The U also has our Voter Registration information on its servers as part of the Utah Population Database.
The Department of Health provides the All-Payer Claims Database, which contains huge amounts of our most sensitive PII and medical information, to the University of Utah. Our information may then be shared with researchers. In addition, for $150,000 annually, institutions may obtain a multi-use, multi-user license from the Department of Health that allows them to access Utahns most sensitive medical information and once that data is in the institution’s possession even if the data is de-identified it can quickly be re-identified using AI.
Furthermore, state and local governments have an untold number of contracts with private vendors and in many cases our data is maintained on the vendors’ servers. In fact, vendors may maintain the encryption keys so the state and local governments, school districts, etc. have little or no visibility on, or control over, what is done with our most sensitive personal and medical information once it is in the hands of a non-governmental entity that we never consented to give our information to in the first place.
12. Why haven’t our legislators done something to address this threat to our privacy? Is it because they are unaware of it?
If legislators are not aware of it, it is only because they don’t consider protecting our privacy a priority. Dr. Ronald Mortensen, Ph.D. has continuously raised the alarm about the state’s woeful lack of concern for the privacy of its citizens for over a decade. Most recently he co-authored articles with Dr. Judith Pinborough Zimmerman, Ph.D. titled When it comes to protecting personal info, Utah deserves an ‘F’(May 18, 2023) and Lawmakers shouldn’t put research above Utahns rights to privacy (June 9, 2023). In addition, as far back as 2010 Dr. Mortensen was raising the alarm about legislators’ failure to protect our voter registration information as explained in Question 27.
Mortensen and Zimmerman’s findings were subsequently confirmed by a legislative audit that was presented to the Legislative Audit Committee on June 13, 2023. That audit found that “State agencies’ current data collection and sharing practices create data privacy risk” and that:
· Data sharing among agencies and with third parties is widespread, increasing data privacy risk in Utah (emphasis added)
· Data is shared between divisions in the same agency, between different state agencies, with external entities like universities and non-profit organizations, with federal government agencies, and with third-party vendors. (emphasis added)
· A lack of data privacy policy in statute and Administrative Rule is a key contributing factor to high data privacy risk.
13. Who benefits from the access they have to our PII and medical information that our legislators pass out so freely?
A wide range of individuals, institutions, private sector companies, and even unfriendly foreign nations all benefit from our legislators’ generosity when it comes to our PII and medical information. Academic and private sector researchers build their careers and fortunes on our data that legislators make available to them. Big Pharma and the entire medical-industrial complex all benefit from our information that legislators give to them without ever asking us if we are o.k. with this data transfer.
Political parties, candidates and their consultants and contractors benefit from our voter registration information since it allows them target their messaging and to save money by ignoring unregistered voters or voters unlikely to support them. It also allows them to more easily collect signatures as acknowledged on the floor of the Senate by Senator Jake Anderegg. On the other hand, the huge number of Utah voters who made their records totally private during the time that they were allowed to sent a strong message that they do not believe that they benefit from having their PII given to the parties and candidates. Many of us object to being forced to pay a de facto “poll tax” consisting of our PII as a condition of exercising our right to vote.
Private companies that collect, consolidate, resell and/or post our PII and medical information to the internet all benefit from legislators’ largess. Lobbyists spend huge amounts to wine, dine and fund legislators’ campaigns in order to maintain their access to state data bases. Likewise, state contractors, including contractors with public education, make millions through access to our and our children’s’ information and, in many cases, they are allowed to keep the information they get from the state or that they collect under these contracts.
When it comes to the local level, legislators stand by while our property ownership information, including Warranty and Quit Claim Deeds, are posted to county websites. Of course, real estate developers, title thieves and still others benefit from the widespread availability of this information.
14. So, what’s the big deal about government sharing our information since most of us have already shared it on Google, Facebook and an untold number of other places?
The key difference is that we have no alternative than to give our information to the state when we need its monopoly services and, when it comes to our medical information, the state just takes it whether we consent or not. On the other hand, the private sector offers us a variety of options to choose from when installing a browser, choosing an e-mail provider or selecting a social media option. We can choose the products that take the least amount of our PII and that best protect the information that we do give them—or we can just do without them. We don’t have that option when we register to vote, get a drivers license, obtain a birth certificate for our newborn, etc. because only the state provides those must-have services.
In addition, if we open a bank account and give the bank a substantial amount of our PII, we do so with the expectation that the bank will protect our information and only use it for what it collected it for. We would be appalled if we learned that our bank was sharing our most sensitive PII and the balances in our accounts with academic researchers or others without first obtaining our authorization to do so.
Likewise, when we obtain medical or mental health services we expect our providers to keep the reason for our visits, our test results and diagnoses private unless we specifically authorize them to share that information with others. However, when government collects this information through the All-Payer Claims system it shares it with academic researchers, other governmental entities and state agencies without first obtaining our authorization.
15. What harm does sharing our PII and medical information without our consent do when it is done for what legislators deem to be the ‘greater good’?
When data is shared without our permission it goes into still more databases where it can be used for purposes that we have no control over. These databases can be hacked and once our information is out of their control no one knows for sure how it is being used. The widespread distribution of our medical information may result in discrimination based on our medical status. The availability of something as simple as the names and addresses high profile individuals’, including politicians, may put them at risk because they hold unpopular ideas, etc.
In addition, when the state sells or shares just several key data points about a victim of domestic violence, a law enforcement officer, a senior citizen, etc., someone wishing to do them harm can use AI to readily link those points together in order to identify the individuals and track them down. An individual whose medical or mental health records are de-identified and shared for research or other purposes can be identified by using AI.
Furthermore, when medical information that is shared or sold by the state is lost by the receiving entity which may have less secure data protection standards in place than does the state, it can result in great harm to individuals should it fall into the wrong hands, including those of enemy nations.
16. Are legislators authorizing the use of our information in a way that makes us unknowing, uncompensated guinea pigs in academic research and other projects?
That’s an interesting question. Given the fact that data is the new currency and its value to academic researchers and biotechnology companies, among others, is incalculable, then when legislators give away our information, we are definitely not being compensated for it. And when our information is used for academic research to further careers and to generate billion dollar profits for the medical-industrial complex, we are, in effect, being uncompensated, unwilling guinea pigs.
An example of just how valuable our medical information may be can be seen from a recent court settlement between a biotechnology company that was accused of reaping billions of dollars from a woman’s cervical cells without first obtaining her consent.
Legislators Fail to Address the State’s Widespread Data Privacy Problems
17. Does the state really have a problem when it comes to protecting our PII that it collects that legislators are slow to acknowledge and correct?
Absolutely, Yes! Even the Legislative Auditor says so: “State agencies’ current data collection and sharing practices create data privacy risk.”
In fact, a quick looks reveals that the state, its publicly funded universities and contractors have managed to share, sell or lose the PII of virtually every man, woman and child in Utah during the past decade or so.
· March 30, 2012. An estimated 780,000 Utahns covered by Medicaid or thought to be eligible for Medicaid along with those enrolled in the Children’s Health Insurance Plan had personal information stolen by hackers in Eastern Europe. Information taken included names, dates of birth, addresses, Social Security numbers, etc. Governor Herbert was quoted by the Salt Lake Tribune as saying: As a state government we have failed to honor that commitment [to protect Utah families and their personal data].
· January 2013. The Utah Health Department revealed that a USB memory stick with 6,000 Medicaid recipients’ protected health information (PHI) was reported lost by a third party contractor.
· Fall 2013. The Lieutenant Governor sells the entire voter database and it is posted to the internet complete with 1.5 million Utahns’ full dates of birth. Interestingly, the Governor’s, Lt. Governor’s and their families’ information had been removed from the database before it was sold.
· December 6, 2013. Up to 97,000 Utahns receiving training funds, unemployment insurance and payroll from Utah’s Workforce Services may have had their personal information compromised due to a data breach. The compromised data includes names, addresses, Social Security numbers, UCard numbers, passwords, logins and security questions.
· July 19, 2020. The University of Utah suffered a ransomware attack and paid a ransom of $457,059.24. The data contained student and employee information. According to the U, “Networks and IT infrastructure are monitored 24 hours a day, and the IT environment is continuously assessed to identify any vulnerabilities that need to be addressed. Despite these processes, the university still has vulnerabilities because of its decentralized nature and complex computing needs.” (Emphasis added.)
· July 20, 2020. The University of Utah reported data breaches affecting 10,000 patients to HHS. Patient names, birthdates, medical record numbers and limited clinical information were exposed.
· June 8, 2023. An estimated 5,800 Utah residents who are Medicaid members will be receiving personalized notifications from the Department of Health and Human Services after some benefit letters were grouped incorrectly and placed in an envelope addressed to a different household. Nearly 200 of these Medicaid members also had their Medicare health insurance claim number, which for some may have been their Social Security number, listed on the letter.
· July 19, 2023. Approximately 30 planned/legacy giving donors to the University of Utah were impacted by a data breach. Personal information including their names, birthdates and Social Security numbers were exposed. In addition, the data—including dates of birth and Social Security numbers—for more than 13,800 current and former employees may have been exposed.
· August 2, 2023. Utah State University has been notified by three vendors that they have experienced a data breach and that this breach has impacted the data of some USU employees and students.
Solution: Representative Rohner’s Bill Makes Our PII and Medical Information Private by Default
18. Can you provide more detail about why legislators should make all PII and medical information collected by state entities private by default?
The role of government is to serve and protect us, not to collect and sell our PII and medical information for anything beyond the specific purpose for which it was collected. When we give our information to state agencies in order to obtain one of the state’s monopoly services or when the state collects our information from various sources such as health insurance providers without our prior authorization, it is still our information—not the state’s. Therefore, its use should be totally restricted to the specific purpose for which we gave it to the state with a few narrowly prescribed exceptions that allow public safety authorities to access it.
It is imperative for legislators to remember that they and the state are there to serve us using the authority that we, the people, have delegated to them. They do not own our information—or us.
19. But, doesn’t Representative Rohner’s bill go too far by restricting the use of our PII and medical information only to the specific purpose for which it was collected?
No. It is still our information. If legislators want our PII and/or our medical information to be used for things other than for which it was originally collected they can get our written authorization before releasing it. Otherwise it remains private.
After all, when we give the state our information in order to obtain, for example, a drivers license which only the state can issue, we do not give up our right to privacy and we certainly don’t give legislators the right to sell or share our most sensitive PII—social security number, date of birth, mother’s maiden name, current and previous addresses, veteran status, physical characteristics, image, medical restrictions, etc.—with academic researchers or ERIC.
20. Why not just require the state entities holding our information to let us opt out from having our information spread far-and-wide?
Perhaps the main reason is that legislators give state entities the right to
collect our information dating back to even before our birth and the state continues to collect information on us even after we die. We do not know what exactly the state is collecting and holding on us because the state collects much of it without our knowledge. In addition, our information is scattered throughout an untold number of state databases which makes it impossible for us to get control of our information.
Therefore, until the state agencies can tell us, which will take years, exactly what they have on us, where they have it and who it is sold to and shared with, the only solution is to make our information private by default. That way, if the state wants to sell or share our information for anything beyond the specific purpose for which it was collected, they have to come to us to get our permission before doing so.
21. Even if the state will someday be able to tell us what PII and medical information it has on us, will it really be feasible to implement an opt out system at that time?
That’s a good question.
Will legislators require agencies to send each and every one of us, including those of us who may no longer be in the state, a letter listing each-and-every place our PII and medical information is stored or will we be left on our own to identify where it is?
Will legislators make it possible for us to opt out of having our data shared or sold from all state databases by simply clicking on one button or will we have to go into each separate database in order to opt out?
How many years will it take before this will even be possible and what do we do in the meantime to stop the state from selling or sharing our information without our prior consent other than making it totally private and allowing us to opt in to sharing it?
22. So it looks like the best option for the average person is for legislators to make all of our PII and medical information that the state holds on us private by default and limit its use to the specific purposes it was collected. Right?
Yes. Given the complexity of government systems and databases, Governor Cox’s stated desire to increase the sharing of our PII and medical information among state agencies and our legislators’ proven unwillingness to protect our information, a bill that does not make our information private by default is nothing more than a thinly veiled effort to make us feel better without really doing anything to protect our privacy.
Therefore, the only solution that deals with this issue in a timely, comprehensive manner is to make all of our PII and all of our medical information collected and held by the state totally private by default. Once that is done those wishing to obtain our PII and medical information for uses other than for which it was specifically collected will have to make the case to each of us individually of why we should give them access to our information.
23. Shouldn’t we wait for the state to enact the “leadership bill” sponsored by Representative Moss and Senator Cullimore that creates a more robust system to inventory and make information that the state holds on us more transparent before designating all PII and medical information collected by state private by default?
This proposed state-of-the art, best in the nation bill which has yet to be drafted apparently will focus primarily on government data classification, inventory and transparency systems. This is laudable; however, it will take years to develop and implement these systems. In the meantime, nothing will change and our information will continue to be sold or shared far-and-wide without our consent.
Unless Representative Rohner’s bill is passed, legislators will continue to treat our personal identifying and medical information as something to be collected, sold and shared rather than as something to be protected. Our drivers license, voter registration, medical, dental and pharmacy insurance claims information, birth and death certificates, etc. will continue to be sold or shared without first obtaining our consent as will databases on Autistic children, etc.
It is critical for everyone to acknowledge that data is the new currency and that the information of over three million Utahns held by the state is highly sought after by many different entities including the nation’s enemies. The bottom line is that our PII and medical information belongs to us and the state has a responsibility to protect it rather than spreading it around as is now the case. We simply cannot let the status quo stand.
24. But if we allow voters to make their voter registration information private under Representative Rohner’s bill and the state can no longer sell it, how can citizens get access to these records to ensure voting integrity?
Legislators can enact legislation that makes voter registration information available for election audits by both state authorities and authorized independent organizations under procedures where our information remains under strict state control on state servers while the audits are taking place.
Auditors can work in state offices and county clerk offices. They should definitely be able to access more information than is available in the public voter database that is currently available to them since it lacks key identifying information such as drivers license info, social security numbers and full birth dates. Under a carefully controlled audit system, no voter registration records would ever be downloaded or taken offsite by any third party as is currently the case with ERIC.
25. Can you provide an example of how legislators ignored repeated warnings and defeated efforts to protect our personal identifying information before serious harm was done?
A prime example of how legislators ignored warnings and put us at risk can be seen in their failure to protect the birth dates of 1.5 million Utah voters.
In 2010, Dr. Ronald Mortensen, Ph.D., recognized the dangers inherent in selling the entire voter database and brought it to the attention of the Utah Attorney General. When Dr. Mortensen asked the Attorney General if someone could legally post the entire voter data base to the internet, his response was, “Don’t even go there” and nothing was done to preclude it from happening.
In 2011, at the request of Dr. Mortensen, Representative Glenn Donnelson (HB25) and Representative Becky Edwards (HB410) ran bills to at least stop the state from selling Utah voters’ full dates of birth (month, day, year). HB25 made voters’ birthdates private but it failed in the House by of vote of 6 Yea and 58 Nay and HB410 which made the voter’s month and day of birth private failed on a vote of 30 Yea 42 Nay. A bi-partisan effort of the Democratic and Republican political parties along with powerful media interests killed both bills as legislators put their personal and their party’s interest ahead of our privacy.
In 2012, Representative Edwards attempted to allow voters to make their birth dates private by filing a form with the county clerk and that bill (HB304) passed the House by a vote of 66-4 However, again under pressure from the two major political parties, the Senate never took it up so the full birth date remained a public record.
In 2013, the state Elections Office, as required by the legislature, sold the entire Utah Voter Database complete with every registered voters full birth dates to a private individual—after removing Governor Herbert’s, Lt. Governor Bell’s and their families’ records. Then, as Dr. Mortensen had predicted, the entire database containing the PII of around 1.5 million Utah voters was posted to the worldwide web in a searchable format on the now defunct utvote.com site. A full copy of the sites’ database with full birth dates can still be downloaded from the internet.
Only after the horse was out of the barn did legislators make it illegal to sell voters’ full birth dates to the general public. Note: Dr. Mortensen’s information was not sold because foreseeing what was coming he had cancelled his voter registration and encouraged others to do the same. This, of course, denied him and others their right to vote.
26. What impact did the sale of the voter list have on individuals who needed to keep their PII, including addresses, private?
When a young woman found out that the state had sold her voter registration information and that it was on the internet she was visibly shaken. She immediately looked her information up online and said, “I have to move!” She eventually wrote the following letter to Representative Becky Edwards.
February 11, 2014
Dear Representative Edwards,
I have been a registered voter since 18, and I never considered that participating in the democratic process might threaten my privacy as it has.
In addition to my address, phone number, and voting record, my birth date is also available online within 2 clicks. While I use social media, I frequently check to insure that my address and my birth date remain private because that is just a little control I have over my own safety and security.
After spending much of my childhood testifying as a victim in an arduous child abuse trial, the accused was finally convicted and spent many years in prison. However, this person has been released multiple times, during which he repeatedly pursued other victims and broke his parole.
This person, according to word-of-mouth, has wielded his political, financial and social power in ways that has allowed him to victimize young, or otherwise powerless, people (and their trusting parents). This has allowed him to access his victims and break the law without punishment.
I do not want this person to find me, and I also don’t want this person to find his other victims (now in the hundreds—after 40 years of pedophilia), who were either threatened or ostracized from their communities when they tried to seek justice after being assaulted or raped.
Please take my information down. The state should not be paid for my information.
I was never informed that being a voter would have such dire consequences. Like any other voter, representation is important, but safety is always first. Don’t encourage other victims to avoid registering to vote because of the online voter list.
Thank you for considering my plea.
27. What did legislators do to help the 1.5 million Utahns’ after their birth dates were sold by the state and posted to the internet?
The short answer is “Nothing.”
Legislators didn’t provide Utahns with any credit monitoring or other services like private companies do when they suffer a data breach but, of course, this was not a data breach since the state sold the information as required by legislators.
28. Did legislators do anything to prevent this from happening again?
Tweaks were initially made limiting who could have access to our full birthdates. Later we were allowed to opt out of having our voter records sold or shared and even to make our voter registration records totally private. However, because so many of us elected to make our records totally private, legislators, at the behest of the two major political parties and in their own self-interest, slowly whittled that right away in order to ensure that all political parties, all candidates and all of their camp followers can still access everyone’s information. This allows legislators running for re-election to more easily collect signatures and send us targeted messaging based on our age.
The Lieutenant Governor continues to sell the voter database to anyone with $1,050 and she gives the entire voter database, including all protected records (20A-2-104 & 63G-2-303), to a non-profit, NGO that doesn’t even have a physical office location—the Electronic Registration Information Center (ERIC). When asked what happens to our information once it is in ERIC’s possession, the Elections Office said that we would have to ask ERIC.
29. So, today the only way for we can exercise our right to vote is to let all political parties, all candidates, both partisan and non-partisan, and all of their consultants, volunteers, etc., along with ERIC, have our PII. Isn’t this a form of poll tax when we are required to pay with our PII in order to be able to vote?
One could certainly see it that way. If we want to vote we have to make our information available to all political parties, all partisan and non-partisan candidates as well as to ERIC. This certainly looks like a poll tax since data is the new currency.
30. It sounds like, in addition to being a form of poll tax, that this is voter suppression. Right?
This is definitely a form of voter suppression—especially for those who value their privacy and object to having their PII shared with parties, candidates, their camp followers, and with ERIC—since they are forced to choose between their privacy and their right to vote.
Citizens For Tax Fairness 