Archive
SUBSCRIBE NEWSLETTERS
ADVERTISE| CLASSIFIEDS| JOBS| E-TRIB
HIGH SCHOOL SPORTS NETWORK NEIGHBORHOOD NEWS NETWORK
Western Pennsylvania's trusted news source
Heyl: Reality shines harshly on PennDOT's driver data security claims | TribLIVE.com
Region

Heyl: Reality shines harshly on PennDOT's driver data security claims

Eric Heyl
ptrheyl070116
Just some of drivers’ personal information that PennDOT has for sale.

When it comes to protecting millions of motorists' personal information, PennDOT frequently hits bumps in the road.

The transportation department long has claimed there is little danger of the information it accumulates falling into the wrong hands. But if its engineering standards were as lax as its fraud-prevention efforts, plenty of bridges would be interesting conversation pieces for fish swimming in the rivers into which they collapsed.

PennDOT talks a good game when it comes to guarding against identity theft, but talk is considerably cheaper than the $36 annual passenger vehicle registration fee the department charges. Several suspect assertions on the department's website don't hold up when illuminated by reality's harsh headlights.

Don't believe me? Let's examine a few.

• “PennDOT has built a strong and collaborative working relationship with state and federal law enforcement agencies to ensure a comprehensive approach is used to mitigate the risk for fraud and identity theft.”

Reality's harsh headlights: PennDOT has built strong and collaborative working relationships with the credit rating agencies, insurers and other companies to which it sells drivers' personal information. PennDOT took in about $41 million from such sales last year, which I suppose helps explain why state roads are in such stellar shape.

Under legislation approved in 2013, the companies that PennDOT sells your information to can build strong and collaborative working relationships with other companies by selling them your driver information. The state never thought to ask for a cut of those third-party sales; legislators apparently didn't want to be considered greedy.

• “PennDOT is committed to mitigating the risk for fraud and identity theft by continuing to strengthen its driver's license and motor vehicle products and processes.”

Reality's harsh headlights: One of those “processes” involved selling driver info to Sterling Backcheck, the world's largest company devoted exclusively to background checks. Sterling then sold driver names, addresses, license numbers, dates of birth and traffic violation histories to other entities. What could go wrong there?

Plenty.

A recent state Budget Office audit determined Sterling failed to provide PennDOT with details on how it safeguarded the information it bought between 2011 and 2014. That's not entirely Sterling's fault, however, as PennDOT apparently never demanded the details.

This isn't the first time PennDOT has appeared uninterested in safeguarding personal data. An audit by former state Auditor General Jack Wagner criticized the department for not properly protecting sensitive driver's license materials, thus creating a high risk for identity theft.

The audit was released in 2007.

Shouldn't PennDOT's license to drive motorists crazy by not securing their information have expired since then?

Eric Heyl is a Tribune-Review staff writer. Reach him at 412-320-7857 or eheyl@tribweb.com