Vermont DMV defends its use of personal data

Michael Bielawski/DMV

ON DEFENSE: At the end of the table, Michael Smith, director of operations for the Vermont DMV, and DMV Commissioner Wanda Minoli defend the department’s use of personal data. They also said they are reviewing policies when it comes to data sharing.

MONTPELIER — Top Department of Motor Vehicles representatives on Tuesday appeared before the House Judiciary Committee and said that the agency has been acting within the law regarding the handling of drivers’ personal information.

They also said they are conducting a policy review to ensure no violations exist, and that some temporary changes have already been implemented.

The state agency’s use of personal data came under fire when VTDigger reported in November that more than 700 organizations, companies and agencies have been obtaining personal information from the DMV for years. The agency made last least $15 million from data sales in the past four years. The report prompted Gov. Phil Scott to halt allowing private investigators to obtain records through the agency.

The committee is discussing a bill, H.591, which relates to restricting the release of personal information by state agencies and departments, including the DMV. The bill is sponsored by Rep. Thomas Burditt, R-West Rutland, and Rep. Barbara Rachelson, D-Burlington.

The DMV’s director of operations, Michael Smith, along with Commissioner Wanda Minoli, offered joint testimony defending the agency’s actions.

Smith told True North he thinks the agency got a bad rap based on critical media reports.

“I think that everyone got led to believe that we’re just selling everybody’s data and giving it away like it’s just the right thing to do, and that’s just not the case,” he told said. “I mean, we follow the Driver Privacy Protection Act — we believe that what we are doing is in compliance with the DPPA.”

He continued that the DMV is nevertheless responding to these criticisms proactively, including an investigation into how data is used and shared.

“As Wanda pointed out in here and in another committee, when these issues or items come up, it gives you the opportunity to look at what you are doing,” he said.

Minoli testified that an internal investigation is happening.

“We’ve started to look at what the process is, how do the requests come in, what types of requests come in, how are we approving those requests, how are they verifying or validating the information they are requesting, is it permissible under the Drivers’ Privacy Protection Act,” she explained.

One initial change is while this investigation is ongoing, the public can no longer simply go online to gather certain information about individuals. For now, individuals must appear at the DMV and speak to someone at the counter if they wish to obtain information.

Minoli explained the new change: “[Formerly], there [was] a form so you would be identified and approved as an eligible user of the terminal, and through that terminal you were able to do some of your searches on your own,” she said. “. .. That we have ceased — we have paused the terminals.”

Smith said there are areas where the DMV is required to provide data, such as for providing ownership information to manufacturers when there is a recall issued for a vehicle.

Then there are optional scenarios, Smith said: “We may allow private eyes to have access to your records. We may allow anybody who has anticipated litigation to have access. We may allow toll operations to access it.”

He added that 12 different criteria can lead to information being shared. He said each of the 12 is being reviewed thoroughly to determine if the current policy will continue or not.

On providing information to lien holders of towed vehicles, this practice could be modified or discontinued.

“At the end of the day, [the state has] an abandoned vehicle process that already does that,” he said.

Some other information that is regularly sought after includes accident reports. For instance, if an insurance company is looking to change insurance rates, that’s when someone might want to see an accident report to clarify whether rates should go up or not. Minoli said that information was important for insurers.

“It’s how they set their rates, it’s how someone is determined what their rate is going to be,” she said. “There are many aggregates that actually capture this information from us.”

Smith was adamant to the committee that some personal data is never shared.

“[Here is] something that I think everybody should understand: You cannot get somebody’s photo, you cannot get medical information, you cannot get disability information, and you cannot get social security numbers,” he said.

Michael Bielawski is a reporter for True North. Send him news tips at and follow him on Twitter @TrueNorthMikeB.

Image courtesy of Michael Bielawski/TNR

6 thoughts on “Vermont DMV defends its use of personal data

  1. All the wind and posturing, yet no real specifics about what data IS sold.
    How’s about an itemized list!?! Forget the generalizations.

  2. There’s no end to it. Your IRS filings should be confidential, AIN’T. The kumputr (see your ad popups-they know everything about you) should be somewhat safe AIN’T. Tax filings in Montpelier should be confidential AIN’T. Telephone records should be confidential AIN’T. Facebook, Amazon, Google, Microsoft, Yahoo, etc should be somewhat confidential AIN’T. Local town records should be somewhat confidential AIN’T. Banking records, buy a car, use your credit/debit cards, make a working wage, what you buy, and how much air you breath (global warming /C02) everyone knows. Etc Etc. The gov and various companies requires you to submit your paperwork on everything you do. The transformed America.

    So nothing is surprising with these VT gov bureaucrats defending the act of releasing records, that’s their gov purpose. Unless there’s a cleaning of the swamp, it’ll only get worse. This is the gov people pay for. Getting worse than Stalin’s Russia.

    To be safe(r), do all transactions in cash (while that still exists). Deposit your money in the mattress bank.

  3. Who would pay $15 MILLION for DMV info if they weren’t some of the wildly nilly??? Thie sale of personal, private data is a blatant invasion of privacy. If this type of activity is sanction by the Drivers Privacy Protection Act, the Act is a farce designed to cover up the questionable use of private data to hide another source of questionable income. Again, the clowns in Montpelier just won another one for the Gipper.

  4. One question: what happened to the $15 million dollars that resulted from the sales of personal information? Where did it go?

Comments are closed.