To play devil's advocate, 911 calls are information about yourself that you are giving to the government. There isn't anything more than that which makes it a "public record". I can think of other types of information about yourself that one gives to the government, such as your tax return. Should that be public record, and how is it different to a 911 recording?
That does provide an interesting example. Requiring the accessing party to disclose who they are (and who they may be acting for), and putting strict access limits on the requests based on that (once per 10 minutes or hour possibly, unless you petition for a slightly higher access rate because of need, such as your profession) and all under penalty of prosecution of the U.S. government neatly solves the issue for me I think.
If you have to supply your SSN, name and an email for each request, and the name and SSN are shown to later requesters, that easily allows the government to track abuse of an SSN to access records, allows for preventing third parties from accumulating all the records to circumvent the controls, and allows public view of records that might be problematic, i.e. have negative privacy consequences if data mined completely.
When I worked on an electronic medical record, the system had a concept called "break the glass". Any record could be accessed, but if that access was not whitelisted as normal for a particular time, place, person, and purpose, the user would be presented with a warning that their access would be recorded and flagged for subsequent auditing, to determine if it was appropriate or not. They could then click through to access the record.
If a care team needed to know right now whether a patient was allergic to medication X, the computer nurse would click through. If someone was just trying to look at the inpatient dietary orders of a celebrity, the warning would likely scare them off and protect patient privacy.
But the important difference there is that the person accessing was not given a digital copy of the record they were accessing, unless they photographed the screen with their phone.
If you release one thing over the web to one person, you permanently lose all access control over that thing. If the system records that one person looked up all the records, well now you know who to go to when you want to look at the records anonymously.
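The "break the glass" pattern described in the comment above, written up as an added example; this is not code from the original comment or from any real EMR system, and the roles, purposes, restricted flag and audit structure are constructed sample values. Routine access (whitelisted role/purpose, no restricted flag) is granted silently; anything else requires the user to acknowledge the warning and is written to the audit trail flagged for later review.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional, Set, Tuple

@dataclass
class Record:
    patient_id: str
    restricted: bool = False          # e.g. a VIP flag: always triggers the warning
    data: Dict[str, object] = field(default_factory=dict)

@dataclass
class AuditEntry:
    user: str
    role: str
    purpose: str
    patient_id: str
    when: datetime
    flagged: bool                     # True = break-the-glass access, review later

class BreakTheGlass:
    """Access gate: every lookup is logged; non-routine lookups are flagged."""

    def __init__(self, normal_access: Set[Tuple[str, str]]):
        # Constructed whitelist of (role, purpose) pairs considered routine.
        self.normal_access = normal_access
        self.audit: List[AuditEntry] = []

    def request_access(self, record: Record, user: str, role: str, purpose: str,
                       acknowledged: bool = False,
                       now: Optional[datetime] = None) -> Tuple[bool, bool]:
        """Return (granted, warned).

        (True, False): routine access, logged but not flagged.
        (False, True): warning must be acknowledged before anything is shown.
        (True, True):  user clicked through; access logged and flagged for audit.
        """
        now = now or datetime.now(timezone.utc)
        routine = (role, purpose) in self.normal_access and not record.restricted
        if routine:
            self.audit.append(AuditEntry(user, role, purpose, record.patient_id, now, False))
            return True, False
        if not acknowledged:
            return False, True        # show warning, grant nothing yet
        self.audit.append(AuditEntry(user, role, purpose, record.patient_id, now, True))
        return True, True

    def flagged_accesses(self, user: str) -> List[AuditEntry]:
        """Entries an auditor would review for this user."""
        return [e for e in self.audit if e.user == user and e.flagged]
```

Note that the gate only decides whether a screen may be shown and records that it was; as the comment points out, it cannot stop the viewer from copying what they see.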
In the UK, we have a system called a "summary care record", which contains just the kind of information likely to be useful to care teams doing urgent work on you. Things like blood type, medication allergies. Then all the detailed stuff is held separately and is presumably harder to access.
Now that you mention it, medication allergy information probably wouldn't have triggered the warning, but I couldn't recall any specific examples of a legitimate access triggering the warning (as you would expect), other than maybe for VIP patients, where some restricted-access flag has been set. I.e. if the ambassador to Elbonia is allergic to mud crabs, you don't want that to be easily accessed information.
First, Federal law prohibits the use of an SSN as a "National ID number". This type of usage is explicitly forbidden. The fact everyone seems to ignore this notwithstanding, Federal systems have been specifically moving away from SSNs as a natural key specifically because of being prohibited, and because they are reused.
Second, a Corporation mechanical turking 1000's of people to datamine public records would not necessarily be easily caught by your system, especially since any body after collecting the data can disincorporate, and take the fruits of the operation with them to be reincorporated under another name; building larger and larger datasets each time.
To the mechanical turk point, that's where the enforcement arm comes in. It's rare that companies so blatantly break the law as a business model. Ubers happen, but not break-into-your-neighbor's-house-as-a-service companies. As soon as the latter gained any traction it would be shut down and people would go to prison. Nobody would start that company. Hopefully a law could be written to make the company you describe more of that kind of company and less of an Uber.
First off, ugh. I hate noticing typos in my comments after the edit period is over. I even emphasized this typo! :/
> First, Federal law prohibits the use of an SSN
Good point. It's always confused me how that's true and how it's used in taxes though. Is it sufficient if it's only part of an identifier (e.g. SSN + last name)?
> Second, a Corporation mechanical turking 1000's of people to datamine public records would not necessarily be easily caught by your system, especially since any body after collecting the data can disincorporate, and take the fruits of the operation with them to be reincorporated under another name; building larger and larger datasets each time.
That's why there would be disclaimers on the access page (Federal crime to access this data on the part of a third party without disclosing third party, so people don't do it) and a license included with the data as to how it is allowed to be used, which should survive any company change.
So, if turks think it's worth bypassing a clear message indicating they would be committing a crime, that's easily handled by the legal system. If a company thinks they can unincorporate and reincorporate to bypass a federal crime, I think they don't understand the legal system, and as long as the justice department pursues it, they'll likely have a hard time explaining where they got their data from (if they can even get people to supply their own SSNs to get it given clear indicators they would be committing a crime to do so).
Really, the thing I would be more worried about is identity theft profiles being used, but as long as there is clear indication in some manner (a letter once a week/month to the tax address on record of the SSN, if that's legal) then it either wouldn't be lucrative to use those identities in that manner or people might get a fairly early indication that their identity has been stolen.
It's an interesting thought experiment. If this were about anything other than pure information, then I think that would be entirely sufficient. Given we're talking about information that we're trying to control the flow of, and once it's entirely out (and in bulk) there's not much you can do, is it sufficient? I don't know. I think it's not really worse than just making it freely available though, so it's an alternative option given that we already see both ends of the spectrum in play right now in different places (e.g. nations that allow tax returns to be publicly seen with apparently little control other than logging, and nations that do not allow it).