News & Articles‎ > ‎Articles‎ > ‎

Buying and Selling Your Motor Vehicle Record: Privacy and Security Violations

posted Jan 6, 2017, 8:03 AM by Resty Manapat

Dallas, TX - Although the Driver’s Privacy Protection Act DPPA disallows state DMV’s from disclosing your personal information for direct marketing, without your express consent, attorney Joseph Malley has discovered that most states sell that information to companies using it for such purpose—in direct violation of the DPPA. And it’s a multi-billion dollar business from which you get nothing. 

Unbeknownst to most everyone, Malley is on a privacy crusade—to protect the privacy of 145 million Americans registered with their state’s motor vehicle department. As a solo-practitioner, he is doing what the State DMVs are failing to do, single-handedly filing federal class actions against such entities, an epitome of the “David v Goliath” battle. 

Have you ever received a letter that claims your vehicle warranty has expired, or a car dealership that wants to ‘buy-back” your vehicle? Ever wondered how these companies that you have never dealt with knew your name, address, make, model and year of your vehicle? 

Malley says that most of the information contained within these letters are derived from your motor vehicle record. He says a company can take information from your motor vehicle record and correlate it to telephone number databases. The telemarketers will then “robo-call” prospective customers. When a person picks up their phone the computer automatically shows the person’s DMV data. The person believes the caller is legit since they know their vehicle information. 

However, a handful of entities, such as courts and the police do obtain DMVs legally and sell information to, say, insurance agencies, government agencies and prospective employers. The latter typically request background checks for criminal records such as DUI. 

But companies that buy DMV information for the express purpose of marketing are doing so illegally. The DPPA federal law prohibits states from selling information that puts at risk our privacy and security. The California DMV states the following: 

The DPPA limits the use of a person's motor vehicle record to certain purposes. These purposes are defined in Title 18, United States Code (USC), Section 2721: 

• Carrying out government agency functions, including courts and law enforcement.

• Use in matters of motor vehicle safety, theft, emissions, product recalls.

• Motor vehicle market research and surveys.

• Legitimate business needs in transactions initiated by the individual to verify the accuracy of personal                  information.

• Use in connection with a civil, criminal, administrative, or arbitral proceeding.

• Insurance activities.

• Research activities and statistical reports, so long as the personal information is not redisclosed or used to            contact individuals. 

The DPPA permits civil damages of $2,500.00 per each violation, and states such as Texas sell 30 million DMV records to each Bulk requestor. 

Malley has learned that the DMVs are violating the DPPA—perhaps indirectly—because personal information has been, and continues to be, “re-disclosed or used to contact individuals.” 

Who Else is Buying Information? 

That’s the multi-billion dollar question. “We know who is buying MVRs from the state,” quips Malley. “The question has always been, ‘What direct marketers are buying MVRs from these bulk requestors?’ The “Bulk Requesters” are individuals or companies that buy the entire database, then periodic updates, claiming a permissible DPPA use. Through the Freedom of Information Act, Malley knows who they are. But Malley’s mission is to find those entities who are buying from the bulk requesters and selling information to telemarketers for direct marketing. 

“We know who the telemarketers are from their letters and phone calls to consumers nationwide,” Malley explains. “And those consumers contact me to complain, but it’s not just about privacy, or even the use of this data for identity theft, it’s about a person’s safety”. In one (1. below) of Malley’s lawsuits he represented an individual referenced as “Jane Doe” within the complaint. Malley explains, “A women contacted me from Florida about receiving a warranty mailer. She had seen my work in this area and was concerned. My cases note that if you receive a warranty letter, then in all probability, the DMV has not only sold your information but you could be found online in a few minutes for a cost of less than five dollars. As I confirmed this information she began to cry hysterically. She explained her boyfriend had tried to kill her, attempting to strangle her to death. She left the state and sought refuge in Florida. Within a few weeks of registering her vehicle she began receiving the warranty letters”. 

So how big is this problem? After three years of extensive litigation and discovery on one case, Malley says he finally exposed the inner workings of one such group, “I was shocked, there were in excess of 1,500 companies across the US making a living off of this one Bulk Requestor for many years,” he says. “These documents also revealed a marketing plan for auto dealerships to pay in excess of $10,000 per week for this vehicle data. Malley adds that the bulk requesters and the telemarketing groups are small companies. The key is the large corporations that actually finance these operations. 

“If you want to see it for yourself, put your VIN number into a Google search and you will get pages of companies that have your information illegally,” adds Malley.

Source: LawyersandSettlements