OHIO State weak on privacy protection, study says
The study said Ohio does not prohibit banks from giving out information about customers' accounts.
By DAVID ENRICH
STATES NEWS SERVICE
WASHINGTON -- Ohio is not doing enough to protect the privacy of its citizens, says a new study by Privacy Journal, a monthly newsletter that focuses on federal and state privacy laws.
Ohio has fewer and weaker privacy protections than most other states, the study says. It ranks Ohio in the third of five tiers of states.
In categorizing the states, Privacy Journal gave the most weight to the areas of medical and financial privacy.
"That's the most sensitive information," said Robert Ellis Smith, who is the publisher of Privacy Journal and conducted the study.
"People seem to care the most about the confidentiality of their bank account information and their medical records."
Ohio fares poorly on both counts, Smith said.
He said the state does not prohibit banks and other financial institutions from distributing information about customers' bank accounts or spending practices.
But Ohio is hardly alone in that regard; Smith said that fewer than a dozen states have such laws.
Nor does Ohio have strong laws regulating the disclosure of medical and library records, or giving people the right to opt out of telephone solicitations, the study shows.
Smith also said Ohio does not regulate how employers can collect and use their employees' DNA data.
Ohio's ranking has not changed much since Privacy Journal last ranked states' privacy protections in 1999, Smith said.
Good on open records
On a more positive note, Smith praised Ohio for being one of about a dozen states with a strong open-records law, which entitles residents to examine data that state government agencies have collected about them.
Some analysts said that the most worrisome development is how federal and state governments not only are failing to protect privacy, but also are moving to collect more information about their citizens.
"The state of Ohio itself has had some very shoddy privacy practices," said Chris Link, the executive director of the American Civil Liberties Union of Ohio.
She said the state maintains lists of sex offenders and DNA samples from many people who are arrested.
But the names and DNA data are not removed from the government lists and databases, even if the people are never charged with or convicted of a crime.
"You're there forever," Link said. "Once they collect the data, they never purge it."
Smith added the federal government earned poor marks in terms of privacy protection.
"If the federal government had been ranked like a state, it would have placed in the fourth [second-lowest] tier," Smith said.
He cited a lack of strong federal laws protecting the confidentiality of people's medical, financial and library records.
Smith and many civil libertarians complain that Congress and the Bush administration have curtailed privacy rights in the wake of the Sept. 11 terrorist attacks.
Biggest complaint
The most egregious example, they say, is the anti-terrorism USA-Patriot Act, which granted sweeping new powers to federal law-enforcement agencies.
Among those new powers is the right for the federal government to monitor financial transactions even if they are not directly tied to terrorism.
Wayne Crews, director of technology studies at the libertarian Cato Institute in Washington, said that in the wake of Sept. 11 and the subsequent expansion of government powers, "we've seen a massive shift from private information collection to government information collection."
"At least with private information collection, you have the engines of the market at work," Crews said.
"People rebel [and companies respond]. But with the government, you don't get that choice. You don't get to opt out of government information collection."