Ex-Minn. DNR official charged with misuse of data

A former state employee accused of breaching thousands of drivers license files targeted almost exclusively women -- many of them prominent figures -- and kept an encrypted file on his computer containing 172 of their photographs, according to criminal charges filed this week.

Prosecutors allege that John Hunt, who was administrative manager of the Department of Natural Resources' enforcement division, made 11,747 queries of the protected data while he was off duty. He was charged in Ramsey County District Court with six counts, including misconduct of a public employee, unauthorized computer access, encrypting data to conceal a crime and unlawful use of private data. All of them are gross misdemeanors or misdemeanors.

Misuse of the drivers license database is common, state records show, but it rarely leads to criminal charges.

The agency sent about 5,000 letters to victims and fired Hunt in January. The case drew the ire of legislators at the Capitol -- several of whom were targets of the data breaches -- and spurred calls for new laws on data misuse.

"I've talked before about [how] we need to change the culture. And I guess we're to the point that if there aren't any consequences the culture doesn't change," said Rep. Mary Liz Holberg, R-Lakeville, who is sponsoring a bill that would increase transparency and penalties for data breaches.

Fred Bruno, Hunt's attorney, said several of the charges have no grounds and he would assess the rest of the charges after receiving more information about the specific data Hunt accessed.

Bruno said he didn't know why Hunt looked up the data or who was checked.

Investigators learned that Hunt conducted drivers license searches on an anchorwoman "following the scheduled ending of the TV anchorwoman's broadcast." In addition to the file of 172 photographs labeled "Mug Shot," investigators found another 26 license photos of women elsewhere on Hunt's computer.

The state's DVS database, which contains photos, addresses and driving records on Minnesotans with a license, is protected by state and federal law against illegitimate use.

The case is being prosecuted by the Duluth city attorney's office. Twin Cities prosecutors made the referral because too many local officials had their data breached.

The DNR had designated Hunt as among those in charge of open records requests and data training. His responsibilities included ensuring that new DNR officers completed training in DVS data use.

The complaint states that Hunt's supervisor estimated his job duties would require him to make no more than 500 DVS queries a year, largely to complete background checks on job applicants.

"But this data should never be accessed in a manner that violates the trust the citizens of our state have a right to expect."

Dohman said the department, which oversees the database, audits the top 50 users and implemented randomized audits last month.

The charges against Hunt follow news earlier this week that former police officer Anne Marie Rasmusson, who sued jurisdictions around the state for misuse of her DVS file, had settled her case with Dohman's department. The stipulations of the settlement, which the Department of Public Safety has not confirmed, include better audits of the DVS database.

Several lawsuits seeking class-action status have been filed in federal court in relation to the Hunt case.