Over the course of the last week, 118 class action lawsuits were filed against data brokers who allegedly failed to respond to requests from about 20,000 New Jersey law enforcement personnel asking to remove their personal information from the internet.
New Jersey law prohibits the disclosure of home addresses and unpublished telephone numbers for current and retired police officers, prosecutors, and judges, along with their family members. If that information is disclosed, the law requires it be removed within 10 days of a takedown request.
Failure to do so could result in a $1,000 fine per violation. The law, known as Daniel’s Law, was passed after a New Jersey federal judge’s 20-year-old son was shot to death at her home in 2020 by a disgruntled attorney.
The law enforcement officers are seeking $1,000 for each violation plus punitive damages and attorneys fees from the 118 data brokers, meaning each lawsuit could cost individual data brokers at least $20 million and hit the industry with at least $2.3 billion in fines, according to records found on a web portal for New Jersey courts.
The recently filed lawsuits against the 118 data brokers contend that they failed to respond to takedown requests for a month, beginning on January 6. Atlas Data Privacy Corp., a company that helped many law enforcement officers make takedown requests, filed the suits on behalf of the police officers and others working in law enforcement.
Because other law enforcement personnel could have made takedown requests without Atlas’s help, the problem is likely broader in scope and more lawsuits could emerge.
The lawsuits filed last week include several examples of officers whose lives have been threatened due to their work investigating gangs and other criminal organizations.
Among the plaintiffs is a police officer who worked with a task force targeting the violent Mara Salvatrucha-13 (MS-13) gang for two years, and received death threats that prompted him to relocate his family. The gang used publicly available information to continue to threaten him, according to the lawsuit.
Gang members “intended to burn down” a building with the officer’s mother inside,”but set fire to an adjacent building by mistake,” the lawsuit says. “Phone calls between MS-13 members discussing the premeditated murder of [the detective] and his family, and the premeditated murder of [the detective’s] mother, were intercepted by jail wiretaps.”
Another officer listed in the complaint as Jane Doe-1 helped investigate a major criminal organization, leading to a prosecution. A subsequent search of digital devices taken from the organization’s leadership turned up photos of the officer’s home, including “night-time photography” of her young child’s lit up bedroom and playroom windows, while the child was playing inside, the lawsuit says.
“Further investigation revealed that the criminal organization’s leadership had hired a private investigator who searched online data broker websites to obtain the officer’s home address,” the lawsuit says. “Having identified her home address, text messages confirmed that they had initiated surveillance and were tracking Officer Doe-1’s movements to and from her home, immediately prior to the task force initiating arrests.”
Atlas did not immediately respond to a request for comment.
Data privacy advocates said the lawsuits highlight the need for data brokers to be regulated for all Americans and not just law enforcement.
“Laws that crack down on data brokers and compensate individuals when their personal data is illegally trafficked are a good thing,” said John Davisson, litigation director at the Electronic Privacy Information Center, a nonprofit which advocates for data privacy, among other issues.
But Davisson added that the lawsuits and the statute they’re based on are a reminder that law enforcement agencies are “among the biggest customers of data brokers and frequently use their products to circumvent warrant requirements.”
Many people besides law enforcement officers have reasons to fear for their lives, said Nathalie Maréchal, co-director of privacy and data for the Center for Democracy and Technology, which fights for civil rights and liberties in the digital age.
Maréchal also pointed out how difficult it is to hide from data brokers even for those legally covered as is true for New Jersey law enforcement.
“The process for removing one’s physical address from the data broker ecosystem should be much easier and available to everyone,” Maréchal said. “Of course, it would be even better to eliminate the trade in personal information altogether by enacting a comprehensive federal privacy law with strong data minimization and purpose limitation.”
She added that companies shouldn’t purchase information they don’t need to do business with a given consumer and that home addresses should be handled with extreme care if they are collected.
“Buying and selling people’s home addresses to anyone willing to pay for it should be prohibited, full stop,” she said.
Get more insights with the
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Suzanne Smalley
Suzanne Smalley is a reporter covering privacy, disinformation and cybersecurity policy for The Record. She was previously a cybersecurity reporter at CyberScoop and Reuters. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and two presidential campaign cycles for Newsweek. She lives in Washington with her husband and three children.