RECAP Joins The Fight Against PACER -- But Do We Want Its Help?

Posted on September 8, 2009 by Ramzi Ajami

It just became a little cheaper and a little easier to access public court filings through PACER (the Public Access to Court Electronic Records), thanks to RECAP, an open-source Firefox plug-in designed to create a free secondary archive of PACER materials.

Court filings contained in PACER are public documents, and are, in theory, open to the public. But, in the past, the fact that these materials were either maintained in individual courthouses or, once digitized, were behind password-protected log-ins and per-page charges generally prevented them from being widely disseminated. Open society advocates have long criticized PACER for charging the public itemized fees to access public court filings, arguing that this pay-as-you-go system effectively removes public filings from the public domain and discourages a fully transparent legal system. 

Princeton University's Center for Information Technology Policy, with assistance from Harvard University's Berkman Center for Internet and Society, unleashed the latest salvo against PACER in the form of RECAP (“PACER” spelled backwards, not by coincidence). RECAP is a free open-source software plug-in for the popular Firefox web browser that automatically uploads all PACER documents a user is viewing onto a growing archive maintained by the non-profit group Internet Archive. When the next RECAP user attempts to view a PACER document that has already been archived, the RECAP plug-in automatically uploads the copy to prevent that user from paying for those materials. This system essentially allows users of PACER to slowly create a secondary archive of these public documents that can be accessed for free.

I have previously discussed the controversy surrounding PACER's security failings and pricing. After the jump, my colleague Aaron Wright and I discuss whether the RECAP plug-in  magnifies or minimizes PACER's security problems and risks of identity theft, the pushback RECAP has received from courts, and RECAP's creators' response to criticism about the plug-in's security and privacy safeguards.

The RECAP plug-in may answer critics' complaints about PACER's pricing scheme; however, the plug-in may potentially mimic the serious security failings of PACER -- while raising both unique security problems of its own, on one hand, and on the other hand mapping out  a potential roadmap for PACER to effectively screen out sensitive personal information in court filings.

As Ramzi Ajami wrote earlier, the PACER system is littered with filings containing very sensitive information about individuals, including Social Security numbers. While various court rules require that this information be redacted, that obligation is placed firmly and solely on the filer and is not subject to any additional screening. Therefore, if a filer forgets or refuses to redact certain sensitive information, that information may appear in the public system. 

The RECAP plug-in poses an obvious risk of creating a more freely-accessible archive of materials that mirrors PACER’s mistakes and contains documents containing very sensitive personally-identifiable information. However, RECAP also poses the unique risk of creating an “outdated” secondary archive of non-redacted PACER documents that are later redacted in PACER, but that have already been copied and archived by RECAP in non-redacted form. 

RECAP’s creators acknowledge these privacy concerns in their Privacy and Security FAQs, and have instituted what appear to be promising safeguards, including a scanning program that identifies and excludes any documents with Social Security numbers:

 * At our request, the Internet Archive has disallowed search engine indexing of the documents we submit. (This may be changed in the future if we develop better ways of addressing privacy concerns.)

 * The RECAP servers automatically scan all submitted documents for Social Security numbers before they are uploaded to the Internet Archive. Any document in which we detect such information is automatically suppressed.

 * We’re relying on RECAP users to report privacy problems. Please email us if you find a document in the repository that contains inappropriate personal information. Your feedback will not only allow us to suppress the document you found; it will also help us improve our automated filters so that fewer problem documents slip through in the future.

However, aside from Social Security numbers, the FAQs do not address whether RECAP screens documents for other sensitive information that must also be redacted from court filings, and that individually or collectively may also pose a serious risk of identity theft, including taxpayer identification numbers, financial account numbers, and full dates of birth. 

While it remains unclear whether the creators of RECAP will implement further safeguards to address filings containing sensitive information aside from Social Security numbers, the plug-in’s creators have extended an invitation to courts and the public to submit suggestions to enhance the program’s overall security.  

Courts, at least, appear to have rejected that offer, and have so far signaled serious skepticism about the plug-in. Over the past two weeks, various courts have posted bulletins warning filers from using RECAP pending further review of the plug-in, claiming that the open-source software format renders RECAP vulnerable to malicious users who can modify the plug-in for improper uses, and also warning that RECAP may upload filers’ materials (available to attorneys through the EMF log-in) that are not publicly available on PACER.  (See, for example, bulletins here and here.) The creators of RECAP responded by clarifying that RECAP only downloads and copies documents through the public PACER portal (and not attorneys’ EMF system), and reiterated that “users can continue using RECAP with the knowledge that it’s designed with privacy as our top priority.” 

Whether courts will actually engage in a meaningful dialogue with RECAP's creators to strengthen the program’s security protocol, or whether RECAP’s screening protocol for sensitive information may actually provide a roadmap to strengthen PACER’s own security failings, remains to be seen.

Links:

 
Tags: , , , , , , , , , , , , ,

Electronic Access to Court Filings Potentially Exposing Sensitive, Personal Information

Posted on April 9, 2009 by Ramzi Ajami

In an April 2009 press release (.pdf), the Public Access to Court Electronic Records system (“PACER") announced that 99% of all federal courts nationwide have implemented electronic systems allowing litigants to file and review documents online. The near-complete implementation of these online systems marks an important technological and environmental milestone for the legal profession; however, it comes with considerable risks to individuals' privacy and security: potentially limitless filings that inadvertently contain individuals' sensitive information, including financial account numbers and Social Security numbers, may be available to anyone with an Internet connection for the small price of $0.08 cents per page.

On February 27, 2009, Senator Joe Lieberman (I-CT), issued a news release (.pdf) strongly criticizing the Judicial Conference (charged with formulating privacy protections for all federal court practice) in part for allowing thousands of federal filings that contain sensitive, unredacted information, including Social Security numbers, to be made publicly available online through the PACER service).  These infractions were documented by Carl Malamud, the president of Public.Resource.org, a non-profit organization whose general mission is to “Mak[e] Government Information More Accessible.”  Significantly, Malamud only reviewed a portion of all filings publicly available on PACER; the full scope of the number and nature of these infractions remains unknown.  Malamud's exposé of PACER has been documented by the New York Times.  

The problem can originally be traced to the E-Government Act of 2002 (.pdf) (P.L. 107-347, Title II, § 205). This federal statute requires all federal courts to make their electronic filings available to the general public online. Since nearly every federal court implements an electronic filing service, this provision applies to virtually all documents filed in federal court -- greatly increasing the risk that sensitive information is inadvertently published. 

To safeguard against the publication of individuals' sensitive information, the E-Government Act broadly directed the federal judiciary to adopt uniform rules to protect sensitive information contained in court filings. These rules eventually culminated into amendments, effective December 1, 2007, to the Federal Rules of Appellate Procedure (Rule 25), Civil Procedure (Rule 5.2), Criminal Procedure (Rule 49.1), and new Bankruptcy Rule 9037. These new rules require parties to redact specific categories of information from all filings, including Social Security and taxpayer identification numbers (except for the last four digits), all names of minor children (except for initials), all financial account numbers (except for the last four digits), all dates of births for persons (except for the year of birth), and in criminal cases, all home addresses (except for the city and state).

A weakness in these privacy provisions, however, is that they depend solely on the conscientiousness of whomever is filing the documents to identify, and then redact, the sensitive information. This holds true whether the filer is an attorney, or a layperson with no legal background. Courts are not required to review these filings before publishing them online, and in some instances, courts explicitly state that they will not review filings for any redaction. (See, for example, the press release from the District Court for the Southern District of West Virginia (.pdf) on compliance with the E-Government Act and the notice from the Distict Court for the District of Rhode Island (.pdf).)  Therefore, at present, there is absolutely no filter or other protection that prevents a person from filing sensitive personal information in federal court and publishing this information for the general public to access. 

As cases grow more and more document-intensive, it is unsurprising that people filing documents in court may overlook redacting sensitive information.  This is particularly true where the sensitive information is not the client's, but instead relate to a non-party that has no reason to be policing the court docket.  For example, where an employer is sued, sensitive information of its employees may be included in the employer's financial spreadsheets and filed in court as an exhibit during motion practice.  With courts' hands-off approach to filings, we are all in danger of having our sensitive information published online for cases that we may not even know exist.  

The Judicial Conference recently issued a response to Sen. Lieberman's letter. In its response, dated March 26, 2009 (.pdf), the Judicial Conference squarely blames litigants, and not courts, for the infractions arising from the publication of non-redacted sensitive information online,  asserting that litigants alone are responsible for redacting materials under the relevant privacy rules; courts are only charged with publishing those materials.  The Judicial Conference defended this policy: “[t]he litigants and lawyers are in the best position to know if such [sensitive] information is in the filings and, if so, where…Moreover, requiring court staff unilaterally to modify … documents that are filed in court was seen to be impractical and potentially compromising the neutral role the court must play.”  The letter did not explain how instructing court clerks to assist in the ministerial task of redacting sensitive information, even of non-parties unrelated to the case, would "compromis[e] the neutral role the court must play."

However, the Judicial Conference did acknowledge that the reported instances of electronic filings containing sensitive information is “disturbing and must be addressed,” and insisted that its Privacy Subcommittee is continuing to assess whether any additional privacy rules should be implemented to safeguard that information. Moreover, the Judicial Conference explained that while it continues to assess the issue more carefully (including by exploring empirical data on the number of infractions), it has encouraged all clerks of court to remind all parties about their obligations to redact sensitive information, and has encouraged all courts to submit privacy recommendations for possible national adoption.

In the meanwhile, the safekeeping of our sensitive information in federal court filings, available to the public online, remains solely in the hands of whomever is filing those materials. 

Links
Tags: , , , , , , , , , , , ,