Pennsylvania County Faces Up To $67 Million In Damages For Distribution Of Criminal Record Information

Criminal Record Folder with GavelA suburban Philadelphia county is facing a judgment of up to $67 million after a Pennsylvania federal jury found that it violated the Pennsylvania Criminal History Record Information Act.

Pennsylvania’s Criminal History Record Information Act (“CHRIA”) governs the dissemination of records held by criminal justice agencies.  It requires criminal justice agencies to expunge criminal history record information under certain circumstances.  It also contains detailed restrictions on when a criminal justice agency can distribute criminal record information to agencies other than criminal justice agencies or to individuals.  It provides that any person “aggrieved by a violation” of CHRIA “shall be entitled to actual and real damages of not less than $100 for each violation” and “not less than $1,000 nor more than $10,000” for each willful violation.

The Plaintiff in the case alleged that he had been arrested by the Bensalem Police Department in September of 1998 and was subsequently processed through the Bucks County Correctional Facility (“BCCF”).  He then successfully completed a pre-trial rehabilitation program, which allowed him to file a petition for expungement under state law.  He filed that petition, and the court issued an order of expungement in January of 2000.

Nevertheless, in 2007 BCCF created a website that made available to the public criminal history record information, including mug shots and booking photos, of individuals who had been placed in BCCF after their arrest, going back some 70 years.  The information accessible on the website included information for individuals whose criminal records had later been expunged or whose charges had been dismissed.  Plaintiff’s information was accessible on the website.  Plaintiff alleged that a private business running websites named and was able to gather the information from the BCCF website and make it available on its own website for a fee, without the consent of the affected individual.

As a result, Plaintiff filed a class action complaint on his own behalf and on behalf of others whose records had been expunged, yet their information was published on the BCCF website.  He asserted claims under CHRIA against BCCF and the private websites.  He also asserted claims against the private websites for the unauthorized use of his name or likeness and for false light invasion of privacy.

Plaintiff’s claims against the private websites ultimately failed.  The Court dismissed the CHRIA and unauthorized use of name or likeness claims at the outset.  The Court ruled that CHRIA, by its terms, applied only to criminal justice agencies.  The websites, on the other hand, were private actors.  Therefore, the Court concluded, the websites could have no liability under CHRIA.  The Court also dismissed Plaintiff’s claim for unauthorized use of name or likeness, because Plaintiff failed to show that his name and likeness had “commercial value” as required under the relevant statute.  While the Court allowed Plaintiff’s claim against the websites for false light invasion of privacy to move past the motion to dismiss stage, it ruled in favor of the websites on that claim at summary judgment.  The Court ruled that Plaintiff had failed to produce evidence that the websites acted with actual knowledge or with reckless disregard for the falsity of the information about Plaintiff.  To the contrary, the Court found that the websites had no obvious reason to doubt that the information provided on the BCCF website did not include expunged information.

Consequently, the case moved forward only with respect to the CHRIA claim against BCCF.  The Court granted summary judgment in favor of Plaintiff on liability under CHRIA, finding that the distributed information was criminal record history information under “the unambiguous definition in CHRIA, Pennsylvania’s rules of statutory construction, relevant decisions by Pennsylvania courts, and the Attorney General’s CHRIA Handbook.”

Therefore, the only issues for trial were whether BCCF “willfully” violated CHRIA and to assess damages.  The jury ultimately found that the violations were willful under CHRIA.  It fixed punitive damages at the statutory minimum $1,000 per violation for the nearly 67,000 individuals whose records were unlawfully accessible on the website.  The potential $67 million verdict, however, is the ceiling.  The Court later will determine the exact number of class members who are eligible for the award.  The ultimate number is likely to decrease once deceased class members are removed from the equation.

About The Author
Posted in Privacy
About Cyber Law Monitor
In the new digital world, individuals and businesses are almost entirely dependent on computer technology and electronic communications to function on a daily basis. Although the power of modern technology is a source of opportunity and inspiration—it also poses huge challenges, from protecting privacy and securing proprietary data to adhering to fast-changing statutory and regulatory requirements. The Cyber Law Monitor blog covers privacy, data security, technology, and cyber space. It tracks major legal and policy developments and provides analysis of current events.
Subscribe For Updates


Cozen O’Connor Blogs