Database Records and "In Plain Sight" Searches 154
chriswaco writes "A federal appeals court ruled that database records are not 'in plain sight' when other records in the same database are subpoenaed. The case involved Major League Baseball drug test results, but the implications are far wider."
Re:Is it just me or..... (Score:5, Informative)
Surely you are jesting.
The ruling is really about data and I don't think that a baseball story needs to attract a few tech geeks and lawyers to increase banner ad revenue.
Personally, I am a bit reassured that there is such a ruling, because it gives some protection against a cop obtaining a warrant to get some data and issuing the wrong sql query that brings too much data including mine (or the tech guy asked to do it that does not refine the query enough, or just give a report that has the relevant data in it and then some not relevant etc.).
Just read this somewhere else... (Score:5, Informative)
Oh yeah, a much better article on Wired! [wired.com] Despite the bad link and very short summary, it is still an important issue. They key is that they say "Ideally, when searching a computerâ(TM)s hard drive, the government should cull the specific data described in the search warrant, rather than copy the entire drive, the San Francisco-based appeals court ruled. When thatâ(TM)s not possible, the feds must use an independent third party under the courtâ(TM)s supervision," So basically, they had a warrant for 10 drug results, but happened to find 104 results, and took them all. This ruling is a good one in my eyes. Now, they keyword I see there is "ideally", which seems to mean it could be stretched both ways by a smart lawyer, but still overall good stuff.
Re:Makes sense to me (Score:3, Informative)
The "P" in HIPAA stands for Portability, not Privacy.
-Rick
OffTopic - Re: Sig (Score:2, Informative)
The threshold for your abacus is 24601^911th beads.
Comment removed (Score:3, Informative)
Re:Makes sense to me (Score:5, Informative)
On the Privacy rule, from HIPAA's own web site:
Who Is Not Required to Follow This Law
Many organizations that have health information about you do not have to follow this law.
Examples of organizations that do not have to follow the Privacy Rule include:
* life insurers,
* employers,
* workers compensation carriers,
* many schools and school districts,
* many state agencies like child protective service agencies,
* many law enforcement agencies,
* many municipal offices.
Once your employer has your health information, they are not bound to the Privacy Rule.
I'm not saying HIPAA is all bad, but a lot of people have the misconception that the "P" in HIPAA stands for Privacy and that HIPAA is designed solely to protect them. Neither of which is true.
-Rick
Re:Is it just me or..... (Score:1, Informative)
I wish this was true, but you and I know if this had been normal people instead of baseball players the courts would have ruled the other way. I watched years of government abuse of RICO laws against normal people. Only when they used them on tobacco companies did they get limited. It's very clear to me the courts are not blind to the defendant in making rulings about searches.
Re:Is it just me or..... (Score:4, Informative)
Do you even know your rep's name?
Maurice Hinchey and he doesn't give a damn what I think because my political views do not align with his own and his district is so gerrymandered that he only has to worry about what his supporters think.
Re:Seems like there's another problem here... (Score:3, Informative)
From the article:
So the question is, why isn't the players' union suing Major League Baseball for breach of contract? Anonymous and confidential is not the same as identifiable but confidential; if the results actually had been anonymous as promised, this breach never could have happened.
In order to administer the program, which included retests, MLB had to retain some information about the identity of each person tested. A promise that information will remain anonymous is not a promise to destroy all information relating to identity.
You can't win a lawsuit alleging that someone permitted law enforcement to conduct a search in compliance with a valid federal subpoena.
You can't win a lawsuit against a newspaper forcing them to identify anonymous sources.
You can't win a lawsuit against an anonymous source for leaking sensitive information unless you can determine their identity and prove it in a court of law.
Re:The dangers of screening tests (Score:3, Informative)
Re:Is it just me or..... (Score:5, Informative)
>>>"Hello, I'm a constituent, and I'd like to talk to [ my rep ] about technical issues being proposed / in the news / reflecting the upcoming election.
>
Several times. They just don't listen. For example I spoke to my Senator about the DTV conversion, and how the power levels were set too low for VHF channels 6, 8, 10, 11, and 13 such that they could not be received with the indoor antennas most viewers use. He thanked me and then promptly did nothing.
Next I talked to him about Comcast's monopoly and how it is working to "lock up" television programming (cable shows) behind walls, such that only Comcast subscribers could access them, but not Verizon subscribers (like me). He gave told me he supports net neutrality and that's why he's not going to interfere with Comcast's running of its business and he sees nothing wrong with the practice. (Huh?) I later checked and found he gets million from Comcast in contributions.
And of course I've witnessed what's happening with the townhalls, where he basically told the people he's not listening to their cries to "leave my healthcare alone". He's taken a Nixon-like tactic of saying there's a silent majority and he's serving them. (I would argue if such a majority existed, it should speak up not be silent.)
Democracy doesn't work if the reps refuse to hear what we're saying.
Re:Is it just me or..... (Score:3, Informative)
Riiiiiight. You're not too familiar with subpoena are you. They deliberately make them as vague as possible so they can use them as a large net. This helps to prevent some of that abuse.
Re:The dangers of screening tests (Score:3, Informative)
It's not a teeny minority. IBM, all the banks, all financial firms, most manufacturers, most construction jobs, all transportation jobs (truck drivers) require drug testing and often background checks. I had to take a pee test when our small software company got bought by one of the fortune 500. When I got a job offer with IBM years back, I had to take a drug test. It's pretty common.
Re:Seems like there's another problem here... (Score:3, Informative)
Again, the warrant should only give MLB an out on the promise of confidentiality. "Anonymous and confidential" means anonymous AND confidential. They're two different things; you can't say "this is anonymous because we'll just never tell anyone whose name is attached to it." That's just confidentiality. The only way it's anonymous is if nobody - not just "nobody but a privileged few" - can determine whose it is.
That's the whole point of "anonymous and confidential": if the confidentiality is breached, either legally (as in this case) or not, the anonymity is supposed to be the backup.