The Washington State Supreme Court ruled recently that state employees’ birthdates associated with their names are not exempt from disclosure pursuant to a freedom of information records request. In so holding, the Court strictly construed the applicable statute that did not expressly exempt birthdates from disclosure. Wash. Pub. Emps. Assn. v. State Ctr for Childhood Deafness & Hearing Loss. Private and public entities across the country that respond to countless requests for information may want to rethink their approach.

In 2016, the Freedom Foundation (Foundation) sent public records access requests to several state agencies seeking disclosure of records for union-represented employees, including their full names, associated birth dates, and agency work e-mail addresses. Upon reviewing the Foundation’s requests, the agencies determined that all of the requested records were disclosable and indicated that, absent a court order, they intended to release the requested records. Several unions filed motions for preliminary and permanent injunctions to prevent disclosure of the requested records based (among other things) on privacy concerns.

In its decision, the Court stated, “We appreciate the Unions’ concern that disclosing birth dates with corresponding employee names may allow . . . requesters or others to obtain residential addresses and to potentially access financial information, retirement accounts, health care records or other employee records. Yet, we cannot judicially expand the [law’s] narrow exemptions beyond the boundaries set by the legislature, lest we step beyond our interpretive role and risk disrupting the balance of public policies the [law] reflects.”

Significantly, the Court noted that it had long ago defined the “right to privacy” by referring to the common law tort of invasion of privacy through public disclosure of private facts citing, Hearst Corp. v. Hoppe (1978). The State legislature subsequently codified a “right to privacy” as being invaded or violated “only if disclosure of information about the person: (1) Would be highly offensive to a reasonable person, and (2) is not of legitimate concern to the public.”

The Court did go on to acknowledge legitimate concerns about the misappropriation of birth dates that echo the concerns related to Social Security numbers. However, the Court ruled that this does not mean that names and associated birth dates have become private—only that this information is personally identifying. The fact that information is personally identifying, alone, is insufficient to warrant its exemption from disclosure.

Ultimately, the Court noted that the Union’s argument was a policy-based one concerned with the wide abuse of personal identifiers for criminal purposes which was not its to make. While the Court was constrained by the statute at issue that specifically exists for the purpose of allowing the public to obtain information about government, the Court did acknowledge concern generally for the misappropriation of personally identifying information. This concern should be instructive for public and private sector entities alike.

Notably, there has been an increase across the country in state laws that have created or expanded on privacy rights (despite Washington’s failed effort earlier this year to pass the Washington Privacy Act, a European-style data protection law). These laws are expanding the categories of personal information that warrant protection – it is no longer just the Social Security number. When not compelled by law, such as a freedom of information law, public and private entities should consider disclosing only what is minimally necessary to respond to a request with particular attention to data elements that facilitate identify theft.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jeffrey M. Schlossberg Jeffrey M. Schlossberg

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy…

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals and is an editor of the firm’s EPL Risk Mitigation Blog.

Mr. Schlossberg has extensive experience in handling all aspects of the employer-employee relationship. Areas of concentration include: employment discrimination prevention and litigation; workplace harassment policy development and compliance; social media and information privacy in the workplace; family and medical leave; disability matters; wage and hour investigations and litigation; non-competition agreements; and corporate mergers and acquisitions.

Mr. Schlossberg has defended against claims such as sexual harassment, age, race, national origin and disability discrimination for public and private companies in industries such as media, technology, airline, aircraft components, restaurants, supermarkets, securities, medical, manufacturing, cosmetics, food processing, software, clothing, vitamins and nutritional products, and many other employers of varying size throughout the metropolitan area and across the country.

Mr. Schlossberg lectures frequently about various topics to trade and professional associations, such as the Hauppauge Industrial Association. Mr. Schlossberg is also an active member of the Nassau County Bar Association and is a Past Chair of the Nassau County Bar Association Labor & Employment Law Committee.

Mr. Schlossberg is an appointed member of the Employment Law Panel of arbitrators for National Arbitration and Mediation.