Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Virginia Law (https://law.lis.virginia.gov/vacodefull/title18.2/chapter5/article7.1/)

§ 18.2-152.5. Computer invasion of privacy; penalties.
A. A person is guilty of the crime of computer invasion of privacy when he uses a computer or computer network and intentionally examines without authority any employment, salary, credit or any other financial or identifying information, as defined in clauses (iii) through (xiii) of subsection C of § 18.2-186.3, relating to any other person. "Examination" under this section requires the offender to review the information relating to any other person after the time at which the offender knows or should know that he is without authority to view the information displayed.

B. The crime of computer invasion of privacy shall be punishable as a Class 1 misdemeanor.

C. Any person who violates this section after having been previously convicted of a violation of this section or any substantially similar laws of any other state or of the United States is guilty of a Class 6 felony.

D. Any person who violates this section and sells or distributes such information to another is guilty of a Class 6 felony.

E. Any person who violates this section and uses such information in the commission of another crime is guilty of a Class 6 felony.

The without authority is what kills this argument. She was handed the information. If this would have held up, they would have criminally charged her 2 years ago the last time this happened.

She did not have authority. FCPS couldn’t give her authorization, even inadvertently, to have those records because the parents never granted her access to them.

"Examination" under this section requires the offender to review the information relating to any other person after the time at which the offender knows or should know that he is without authority to view the information displayed.

She knew she didn’t have the authority to review the files. And yet she proceeded.

Anonymous wrote:FCPS is at fault, like wtf

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

This is my fear too. And fcps’s cybersecurity is so weak, it could be years before it was discovered a (or 35,000) ssn’s were compromised and used on the dark web to default on lines of credit or medical bills.

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

This is my fear too. And fcps’s cybersecurity is so weak, it could be years before it was discovered a (or 35,000) ssn’s were compromised and used on the dark web to default on lines of credit or medical bills.

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

This is my fear too. And fcps’s cybersecurity is so weak, it could be years before it was discovered a (or 35,000) ssn’s were compromised and used on the dark web to default on lines of credit or medical bills.

Not to mention that Oettinger also had/has all this data, seems to have shared it, and we have no idea about her/their cybersecurity!

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

This is my fear too. And fcps’s cybersecurity is so weak, it could be years before it was discovered a (or 35,000) ssn’s were compromised and used on the dark web to default on lines of credit or medical bills.

Not to mention that Oettinger also had/has all this data, seems to have shared it, and we have no idea about her/their cybersecurity!

She's not going to be stealing your kids SSN numbers

Anonymous wrote:

Anonymous wrote:FCPS is at fault, like wtf

Fcps has a lot of people hired especially to post on DCUM, apparently

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:

Anonymous wrote:Let’s look at it this way. If someone breaks into Targets IT systems and steals the data, that’s a criminal act. If Target willingly hands it over, Target is the culpable party. If you sue Callie, she’ll file for bankruptcy, we get no benefit, and this stuff keeps happening. FCPS cares nothing about privacy of data. If they did, they would have spent the money on it last time this happened.

Nope. FCPS didn't "willingly" hand it over--it was accidental. And made more likely to happen by the endless badgering for information by Callie in an already stressed public school system. The real crime is that Callie "willingly" shared that information with others and published it online.
Unintentional leaks don't allow you to do whatever you want with the goods. We can sue Callie who intentionally acted wrongly with information AND we can lobby for better privacy protection. I think it's incredibly important to punish her and to deter people who think they can act with impunity with data that doesn't belong to them because they have some cause they are invested in.

It seems you don’t care that FCPS has no process to ensure this doesn’t happen. I don’t know Callie, but at least she scrubbed the data. What happens next time when a nefarious character doesn’t? Then what? What if it’s your kids’s personal non-scrubbed data out there that is used against them in the future. Then will you still feel like it’s not the school’s job? That they’re stressed and it’s a mistake? BS. FCPS has the responsibility to protect data, by state and federal laws. They have failed multiple times and do nothing to change it. And here you are making excuses they’re busy or stressed. What’s next? Blame the kids for having personal information?

Did you not notice that I said "AND" lobby for better privacy protection. But I work with data in a government setting--I know there are data and privacy errors all the time and we have a huge budget to protect this because we work with healthcare data. We have so much more money and there are still tons of human errors. School systems have to share information--they have to share IEP records, they have to share accommodations across teachers--to expect that they will never make mistakes is just unrealistic. Should there be more national level privacy data systems and strict protocol like they have in healthcare--yes, and people are working on that.

But only one person willingly acted wrongly with information and that person needs to be punished. She didn't scrub the data--she shared it identified with others first who decided to scrub the data AND they collectively decided to post it publicly??? She gave others access to the private data of 35000 kids knowingly. How can you POSSIBLY be advocating for not going after her??

As this thread has gone off into a territory with some people saying she should go to jail, others saying she's a hero, and others worrying she's posted all the data online-- I think it's important everyone be accurate. I don't want to be someone contributing to misinformation so in the spirit of getting productive conversation rather than back and forth recriminations--I went back and looked at what I've said to check. I may have wrote this post (I at least thought something like this!) and if so, I wanted to clarify it:

My current understanding is that we really don't know for sure what we shared with others. She wrote that she shared the information with a trusted journalist, but we don't know exactly what she shared though we can see that the journalist posted some images of what looks like sample files on line. We also can see files with partially redacted information posted on her website--files that in my opinion have too much identifiable information even if they don't have names. I don't have the heart to search for more based on what has already been found. I feel like I'm invading others' privacy by searching.

I think any parents whose children's data she had access to and who are not comfortable with this situation need to talk to lawyers with expertise in privacy/digital privacy to find out their options. I also think that it's really important to advocate for better data security from schools. I believe there are other threads focused on that.

I think this conversation is important to have in this space--so I hope everyone can take a step back from anger/frustration and generate productive ideas about what are the options and concerns for parents who are uncomfortable with the idea that a private person has accessed a lot of kids private data and we don't know what she has done/is doing/will do with it--and whether anyone has access to it and the level of security.

All great points. What baffles me on this is

1) why weren’t these people so irate 2 years ago when the same thing happened….with her? Is it the letter that came home or is everyone suddenly an advocate for digital privacy or are there paid actors on this post to take the heat off fcps?

2) Why is there such outrage she gave the data to a trusted reporter? Would you prefer she kept her findings quiet and sold the data on the black market and you weren’t aware for the next 10 years? Is this really a case of ignorance is bliss? With as common as these leaks are, this is an actual possibility. Nobody should be given more data than they are entitled to, period. Not one. Not 35,000.

I get people have questions. But there are people on this post inflaming the situation greatly with outright disinformation.

This happens literally all the time. It was a matter of time before someone used the data. At least it was somewhat redacted and not posted in full by some teenagers on 4chan

This is my fear too. And fcps’s cybersecurity is so weak, it could be years before it was discovered a (or 35,000) ssn’s were compromised and used on the dark web to default on lines of credit or medical bills.

Not to mention that Oettinger also had/has all this data, seems to have shared it, and we have no idea about her/their cybersecurity!

She's not going to be stealing your kids SSN numbers

How can you be so sure? We don't know who else saw the data because of her.