The California Department of Motor Vehicles has been steadily selling out customers’ credentials to commercial third parties, netting an extra $50 million annually to prop up its resources.
According to a report obtained by Motherboard/Vice under the Public Records Act, the State agency has been consistently selling the personal information of registered drivers like names, physical addresses, and car registration information to private businesses the outlet reported on November 25.
Although the document does not list the companies involved, they may have included insurance companies, data broker LexisNexis, and credit reporting company Experian, as turned out to be the case in other studies on DMVs in several states in the past done by the outlet.
DMV spokesperson Anita Gore, however, assured FOX Business in an email that the state DMV “does not sell driver information for marketing purposes, or to generate revenue outside of the administrative cost of the program. DMV is statutorily required to provide certain driver and vehicle-related information, and is permitted to recover its costs for doing so.”
DMV’s revenues in California from data selling have risen from $41,562,735 in Fiscal Year 2013/2014 to its tentative peak of $52,048,236 in Fiscal Year 2017/2018.
“The DMV takes its obligation to protect personal information very seriously,” Marty Greenstein, public information officer at the California DMV, wrote according to Motherboard. “Information is only released pursuant to legislative direction, and the DMV continues to review its release practices to ensure information is only released to authorized persons/entities and only for authorized purposes.”
The data sales business seems to be executed well within the boundaries of the conditions and conforms to the California Privacy Act that the Golden State has in place since 2019 which is regarded among the strictest in the nation.
In June, California lawmakers approved what experts are calling the country’s most far-reaching law to give people more control over their data online. That law doesn’t take effect until next year.
Feuer (Attorney) said he hopes the case inspires other lawsuits and legislation to curb data-sharing practices.
Earlier this month, California’s Department of Motor Vehicles (DMV) said it had suffered a data breach that improperly disclosed the private information of more than 3,000 licensed drivers to seven federal agencies.
During the last four years, the federal agencies, including the U.S. Department of Homeland Security, had improper access to the Social Security information of around 3,200 people that were involved in an investigation as suspects or witnesses, officials said.
Other agencies who had access to the private information included the Small Business Administration, the Internal Revenue Service, and district attorneys in two of California’s 58 counties, San Diego and Santa Clara counties, the Los Angeles Times reported.
It was unclear if the information was used to investigate the immigration status of the drivers, officials said.
The information could have been used in criminal, tax, or child support investigations, including for witnesses in those inquiries, officials said.
The department halted the disclosure of private information on Aug. 2, immediately after the issue was discovered, DMV spokeswoman Anita Gore told the Los Angeles Times.
The DMV also came under fire last year for long wait times and for potentially botching about 23,000 voter registrations under the state’s “motor voter” law, which lets residents automatically register to vote through the DMV.
Epoch Times reporter Isabel van Brugen and The Associated Press contributed to this report.