The city of Minneapolis is learning a hard lesson about the importance of placing checks on government data access. A court has awarded police officer Amy Krekelberg a total of $585,000 after she sued Minneapolis and two fellow officers for allegedly violating state law protecting the disclosure of DMV data. Krekelberg had discovered that people had arbitrarily accessed her DMV records almost 1,000 times over the course of roughly a decade. Dozens of the perpetrators were other police officers, and the behavior was frequently creepy -- some officers looked for her info late at night, while the two targeted in the lawsuit allegedly looked her up after she turned down their romantic offers.
This isn't the first such lawsuit against Minneapolis for similar behavior, or even other Minnesota cities. It's the first to go to trial, however, and certainly the first to involve a court-decided payout.
City attorney Susan Segal told Wired she was "disappointed" in the outcome, but stressed that Minneapolis had tightened its restrictions on data in the years since Krekelberg learned of what happened. Employees now have to provide reasons when they access DMV info, for example. And to some extent, this case is only happening because Minnesota had a log of DMV data access -- it might not have happened in other states.
The incident also illustrates a perpetual problem with abuses of power when workers have unfettered access to data. Facebook fired an engineer for allegedly using his access to stalk women, while Uber caught flak for not doing enough to stop employees from spying on customers through 'God View.' Although these cases are relatively rare, they suggests that governments and companies alike should limit access to a need-to-know basis whenever possible.