Potential presidential candidate Jeb Bush just published scores of emails he got during his tenure as Florida’s governor. But in an effort to come clean before officially running for office, the likely Republican presidential pick for 2016 released emails that included people’s social security numbers, home addresses and phone numbers.
The Verge reviewed hundreds of thousands of Bush’s emails, many of which ran the gamut from administrative communications to political support, and found others that were published detailed sensitive information. For example, one email outlined reasons a Florida Lottery employee was getting fired. The employee appealed to the then-governor to get his job back.
It’s unclear whether the disclosure violates Florida’s privacy laws, the Verge reported, and Bush signed his emails with a disclaimer that read, “Florida has a very broad public records law,” and “your email communications may therefore be subject to public disclosure.”
Disclaimer or not, Bush publicly disclosing potentially thousands of peoples’ personal identifying information is in and of itself major privacy breach — the same kind privacy advocates and the White House have admonished big businesses for not preventing.
Data breaches and cybercrime are all too common. For almost a year, hackers accessed nearly 80 million patient records from Anthem, the country’s second largest health insurance company. That breach comes on the heels of breaches from big-box retailers such as Home Depot and eBay.
One in seven people becomes a breach victim, with 25 percent of them also suffering identity theft. And once a person’s information is compromised, it’s hard to recover. People who have their social security numbers stolen must often wrestle with the ramifications years later, ruining their credit and affecting their ability to buy a home, get a loan or land a job.
Privacy advocates have been pushing for more stringent laws that better protect the trove of consumer data collected and stored by companies. Following previous White House recommendations, President Barack Obama recently proposed new digital privacy laws that would make businesses more accountable.
Under a new federal law, businesses would have to notify customers within 30 days if their information is exposed or stolen. That law would unify the similar state laws already in place that have varying standards, some of which don’t require companies to report breaches quickly or at all.
Obama also urged financial institutions to make it easier for customers to monitor their credit by offering free access to their credit scores, and better protect themselves from identity theft.
While it’s possible these proposed policies may not come to fruition or don’t go far enough to protect consumer data, breaches will keep happening and more frequently.