Governor Compromises the Privacy of Thousands of Maryland Gun Owners

[FrankOceanXray]

Wasn't there a part of SB281 that made it illegal to release the PII and gun types of gun owners? I think this was calculated to hit us before that law takes effect and I wouldn't be surprised if Bloomberg has his hands in it somehow...

Is it possible to FIOA type request the email exchanges of these officials. Like the EPA head was doing albeit under an alias.

 

[Jaybeez]

Wasn't there a part of SB281 that made it illegal to release the PII and gun types of gun owners? I think this was calculated to hit us before that law takes effect and I wouldn't be surprised if Bloomberg has his hands in it somehow...

that was for pii on carry permit holders only iirc. they don't want people to know about things like vinnie demarco s carry permit.

 

[CrazySanMan]

that was for pii on carry permit holders only iirc. they don't want people to know about things like vinnie demarco s carry permit.

You may be right. I thought it was a concession that we got after that NYC newspaper released the list of gun owners there.

 

[TomisinMd]

Ed Norris just went off on Owe Malley and the state government on 105.7 fm this morning. He said this kind of policy making, not law, was tried and already in place when he became chief of police.
He also said he's talked to someof his contacts still in MSP who said they have no clue whats going on, it just comes from the governors office.

 

[Dingo3]

You ask to have an information seeking chat with your security office. If a report is needed your security office will tell you. CYA.

Thank you. That's pretty much what I did this morning. I wanted a record that I had brought this to their attention.

 

[vector03]

Caller on 1090am (C4's show) just brought this whole thing up...C4 said they're getting into this in the next segment!

 

[Mr H]

Caller on 1090am (C4's show) just brought this whole thing up...C4 said they're getting into this in the next segment!

Firing up the link now

(gawd, the news is really distorting the backlog issue)

 

[vector03]

I'm listening online so it may be a bit behind...he's talking about HoCo students using cellphones.

 

[vector03]

Smigiel is going to be on the show...coming up next.

 

[CrazySanMan]

Smigiel is going to be on the show...coming up next.

Excellent!

 

[vector03]

He's packing a TON of good info into a very short segment.

 

[Mr H]

Great stuff.

C4 agrees it's purposeful

But Smigiel has mentioned MSI twice, and no explanation of what it means...

 

[Ranger Tom]

Editorial in yesterday's Frederick News-Post said that the added "staff" was a great idea and saw nothing wrong with bring in "carefully chosen" state employees to reduce the backlog.

Still no response from local delegates Afzali and Schulz.

 

[Mr H]

New missive...

Borrow ideas if you like

In light of the recent situation regarding the careless handling of Regulated Firearm Applications (Form 77R) by Maryland State Police, allowing slack and unsecured access to applicants' Personally Identifiable Information (PII), many Marylanders now have significant concerns regarding the potential breach of their most critical data.

Whether it was the viewing of this data by the unvetted "volunteer" employees doing the current data entry (in violation of law, since only MSP personnel are so authorized), the potential unauthorized access to this information due to a lack of proper security standards (the use of one set of credentials for all users, for example), or the exposure of that data to the internet in the period between 9/6/13 and the eventual application of a token measure of security yesterday, there has been a very real and dangerous opportunity for the misappropriation and malicious use of Marylanders' PII.

The Maryland Personal Information Protection Act (Md. Code Ann. Comm. Law 14-3504) clearly defines “Personal information” as "an individual's first and last name in combination with a: Social Security Number, Driver's License Number, Financial Account Number or Individual Taxpayer Identification Number unless the information is encrypted, redacted or otherwise rendered unusable. A 'security breach' is defined as the unauthorized acquisition of computerized data that compromises the security, confidentiality or integrity of personal information."

Additionally, the statute declares, "In the event of a security breach, notice must be given to consumers as soon as reasonably practicable following the investigation."

When initially passed, PIPA applied to business entities. But I have received confirmation that, as of July 2013, PIPA is now applicable to the state and its various agencies.

In light of this, I am hereby requesting information regarding the current state of such notification to Marylanders, and scope of the compromise, as required by PIPA. I will be happy to provide my information (and that of my wife, as we are both handgun owners) under separate cover, to the appropriate party authorized to handle these issues.

PIPA requires:
- Description of the information compromised.
- Contact information for the [business], including a toll-free number if the [business] has one.
- Toll-free numbers and addresses for each of the three credit reporting agencies: Equifax, Experian and TransUnion.
- Toll-free numbers, addresses and Websites for the Federal Trade Commission (FTC) and the Office of the Attorney General (OAG).
- A statement that the individual can obtain information from these sources about steps to avoid identity theft.

As a result of these potential breaches, a large number of Marylanders are now feeling compelled to enroll in PII and credit monitoring/insurance programs, where they have had no previous perceived need. I am of the belief that this cost should be borne by MSP and/or the state, for at least three years, as the possible release of our PII was through no fault of our own.

Again, I appreciate the efforts by the Senators and Delegates who are working so hard to protect the Rights and security of all Marylanders, and encourage the rest of you to keep in mind that Marylanders will be paying attention to your positions.

 

[CrazySanMan]

New missive...

Borrow ideas if you like

Nice. Are you sending it to the GA?

 

[Brooksy]

New missive...

Borrow ideas if you like

Which bill made PIPA apply to state agencies on July 1, 2013? I had heard this was done last legislative session after the OLA audit brought up the deficiency, but the only bill I saw was SB676 which doesn't go into effect until July 1, 2014. And they stripped out all of the civil penalties so there is not any teeth to the law.

 

[daijizai]

Tempted to try and use this PII breach and release of data on my gun collection to fulfill my G&S requirements to obtain a CCW ;-)

 

[jpo183]

Has anyone heard from Hough?? I sent two emails one to his campaign one and one to his gov account and no responses. Not even an auto response.

 

[buzzsaw]

Has anyone heard from Hough?? I sent two emails one to his campaign one and one to his gov account and no responses. Not even an auto response.

Someone got through to him one or two days ago and posted in this thread I believe. Look back a few pages - he was unaware before the weekend, but it was brought to his attention now. Apparently lots of emails were going to him and it was hard to separate value information from crap.

 

[pilotguy299]

Has anyone heard from Hough?? I sent two emails one to his campaign one and one to his gov account and no responses. Not even an auto response.

I received a couple of email from his legislative aide. Try this email address:

houghoffice@gmail.com