11

Suppose that:

(1) a person living in Washington state receives a large number of documents from a public records request, each containing names and mailing addresses (for hundreds of thousands of people in total), along with a variety of other data; and

(2) they then publish this collection of documents onto their own (non-commercial) website, and make tools to search/filter the database in various ways, selecting/displaying lists of individuals based on criteria from data about them in the records; and

(3) government agencies already provide all of these documents online for free download. But they only provide the records online one-by-one rather than in aggregate, and they offer limited ability to search/filter records.

Is it illegal under Washington state, or Federal, law for an individual to publish large #'s of public records containing personal information (such as home address) like this, on their own website? Would the person publishing the records likely be open to civil suits by the individuals whose information was published on the website?

J. Taylor
  • 246
  • 2
  • 9

6 Answers6

12

Publishing government records is pretty classic First Amendment-protected activity. Keeping in mind that one can find a lawyer to sue for anything, I think that person would likely be operating well within the law.

One thing in particular that I'd recommend staying aware of is how one might attempt to monetize this endeavor. There have been a lot of sites publishing arrest records, court records, and mugshots, and then charging people to have them removed to keep them from popping up in a Google search for those people's names. That is -- rightly -- regarded as sketchy behavior; while several states have passed laws prohibiting that business model, I don't believe any such law exists in Washington State at this point.

bdb484
  • 66,944
  • 4
  • 146
  • 214
9

As specified in the Public Records Act, under RCW 42.56.050 "invasion of privacy" (which is restricted by law) only arises when the content

(1) Would be highly offensive to a reasonable person, and (2) is not of legitimate concern to the public.

In publishing such information would be an invasion of privacy, it is not subject to public inspection under the act. 42.56.230 lists some information specific exempt from public inspection, covering certain information about children, health info, credit cards, certain kinds of financial information, but not, for example, a home address or email address.

Since the basic information is legally available under the act, it may be published, and it may be excerpted arranged in a useful manner: there is no requirement that information obtained under the act be published only in the form that it was provided in the public record.

user6726
  • 217,973
  • 11
  • 354
  • 589
7

I would be careful that no records belong to EU citizens, as it would likely be illegal under GDPR to have their information without their specific permission, and giving them the right to have it removed.

SGR
  • 248
  • 1
  • 6
2

I'm not a lawyer, but I think this might depend on the context in which the information is published. If it's something "innocent", like making an online "address-book" for the town/community the publisher of the information lives in, then it might be okay. However, if it's in some way, shape or form meant to cause negative effects on the people whose information is published, then it might be a no-no. For example: "doxing" people for religious or political beliefs, or implicitly or explicitly accusing/slandering them of something (regardless if it is true or not), so that people opposing those beliefs can hurt/harass/discriminate against them, might result in a world of hurt legally for the publisher. Example: publishing a list of names and addresses of people and/or their family on a website called something like "neonaziwatch.com" (even without an explicit accusation) will probably make the publisher liable if someone harms people based on the published list.

joecro
  • 21
  • 1
2

I haven't seen a White Pages phonebook come out in a while, with name-address-telephone number, but that stuff doesn't fall into the Personally Identifiable Information we are trained to protect at work. Other stuff is, stuff that could lead to identify theft or fraud.

CrossRoads
  • 135
  • 2
-1

I don't know about the legality, but what you just described is the business model of instantcheckmate. I'd prefer there weren't such sites, but here it is.

Eric
  • 109
  • 1