Disk drive with crime victim data stolen from U professor

  • Article by: MAURA LERNER , Star Tribune
  • Updated: January 16, 2014 - 9:10 PM

Information was to be used in law professor’s research. It took 11 months to verify those affected.

A computer disk drive containing private data on 119 victims or witnesses of violent crimes was stolen from the office of a prominent University of Minnesota law professor, who had been conducting a research study about the cases.

Prof. Barry Feld sent letters to all 119 individuals early this month, notifying them that names, birth dates and addresses were contained on the stolen disk, and warning them about the risk of identity theft.

Feld called the theft “a disaster,” adding that this was the “worst thing that’s ever happened” in his 41 years at the university.

“This was a serious mistake on my part, and I’m very, very sorry,” he said Thursday.

The disk drive was stolen, along with a laptop, from his assistant’s office last February. But he said it took until now to identify the individuals named in the missing files and obtain their current addresses.

All had been witnesses or victims in cases that were prosecuted in early 2005 in Hennepin and Ramsey County courts.

One victim, who had been raped as an 11-year-old, received Feld’s letter last week. Her mother told the Star Tribune that she was shocked by the data theft, and that she had no idea that her daughter’s information had been shared with a researcher. “I was aghast,” she said. It was particularly galling, she said, because the family had been unable to get some of that same information, such as witness testimony, when they requested it.

Study of interrogation tactics

Feld, a nationally known expert in juvenile justice, said he had been collecting the data for a study about police interrogation tactics. He had previously written a book, “Kids, Cops and Confessions: Inside the Interrogation Room,” based on a similar study of juvenile suspects; and this was to be a follow-up on adults accused of murder, criminal sexual conduct or aggravated robbery.

Because he knew the police records contained both public and private information, Feld obtained permission from the Hennepin County District Court to conduct the study. A court order in July 2012 granted him access to the closed case records, and required Feld to sign a confidentiality agreement to keep the data private.

Feld said he assigned several students to collect the data by going through the original case files, using a laptop and portable scanner.

About six weeks into the project, he said, someone stole the equipment, which had been left in a laptop bag beneath a desk.

“So basically we lost all the data,” Feld said. The only backup, the disk drive, also was in the bag.

Under state law, the university is required to notify individuals if their private data is breached. But in this case, Feld said, “none of us had even looked at the actual data itself … So I had no idea what was in them.”

As a result, Feld said, he had to ask the county attorneys in both Hennepin and Ramsey counties to comb through the original records. “This was a hideous burden for them,” he said. “It took a very long time.” Eventually, they identified 119 victims or witnesses who had private information, such as names, birth dates and addresses, in the files.

Small comfort to rape victim

Two weeks ago, he started notifying each individual by mail. Feld says it’s probably unlikely that anyone used the data, but just in case, the university offered them “free credit monitoring for up to one year.”

For the young rape victim, who is now 21, the letter was small comfort. “First of all, being a victim, your trust is broken. You’re supposed to trust the state, the laws, to protect you, and then they release information like this,” she said.

David Brown, the chief deputy Hennepin County Attorney, said it’s “not a routine thing” to share such information with a university researcher. At the same time, he called it “important research,” adding that “the university, since the breach happened, has taken this very, very seriously.”

Brown confirmed that much of the stolen data was already public, but not all of it. “We just don’t know precisely how much,” he said.

“[We] were extraordinarily disappointed that, despite our best efforts to protect the security, that didn’t happen.”

 

Maura Lerner • 612-673-7384

  • get related content delivered to your inbox

  • manage my email subscriptions

ADVERTISEMENT

Connect with twitterConnect with facebookConnect with Google+Connect with PinterestConnect with PinterestConnect with RssfeedConnect with email newsletters

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

question of the day

Poll: How will the Gophers and Vikings do this weekend?

Weekly Question

ADVERTISEMENT

 
Close