Bodah v. Lakeville Motor Express, 649 N.W.2d 859 (Minn. App. 2002)
Background. Churches, like any other employer, frequently disclose the social security numbers of their employees. Do such disclosures expose a church to legal liability? That depends. In general, the disclosure of social security numbers will not expose a church to liability when required by law. The most common example would be using employees’ social security numbers in connection with state and federal payroll tax reporting. In addition, the disclosure of social security numbers in various transactions that are relevant to the enforcement of federal or state tax laws is also permitted. A common example would be the use of social security numbers on certain banking and financial transactions and some employment records.
But in some cases churches disclose employees’ social security numbers without being legally required to do so and without the employees’ consent. Here are some common examples of how this can occur:
- A church uses a company to conduct criminal records checks on persons who will work with minors. The company requires social security numbers in order to conduct criminal records checks.
- A church uses a company to conduct a credit check on employees who will have access to church funds. The company requires social security numbers in order to conduct criminal records checks.
- A church’s health insurer requires the social security numbers of all church employees.
- A church’s pension plan requires the social security numbers of all participating employees.
- A church provides life insurance for some employees. The insurer requires the social security number of each insured employee.
- A church retains a copy of the driver’s license of every employee and volunteer who drives a vehicle on church business. Many of these copies contain the driver’s social security number.
- A church applies for a credit card. The credit card issuer requires the social security numbers of the senior pastor and church treasurer.
Can a church or other employer be liable for such disclosures, when not specifically authorized by the employee? That was the question before a Minnesota court in a recent case.
Facts. The safety director of a trucking company faxed the names and social security numbers of its 204 drivers to 16 terminals in 6 states in order to facilitate the reporting of accidents to its insurance company. The company owned some of the terminals, and the others acted as its agents. Some of the drivers learned of the disclosure of their social security numbers and expressed concern about “identify theft.” They filed a class action lawsuit against the company on behalf of all the drivers, claiming that its disclosure of the social security numbers amounted to an invasion of privacy.
A trial court dismissed the lawsuit. It noted that an invasion of privacy requires the public disclosure of private facts, and that the company’s communication to 16 terminal managers, who were the company’s employees or agents, constituted a private communication rather than a public one and therefore there was no invasion of privacy. The drivers appealed.
The court’s ruling. The court noted that the publication of private facts constitutes an invasion of privacy when one “gives publicity to a matter concerning the private life of another if the matter publicized is of a kind that (a) would be highly offensive to a reasonable person, and (b) is not of legitimate concern to the public.” The court then addressed the key questions of whether social security numbers are private facts, and whether the company “published” private facts.
Private facts
The court concluded that social security numbers are private facts. It observed,
Social security numbers are broadly recognized as confidential information… . They are a key to identity in our society. Unlike certain information such as medical conditions, social security numbers are not on their face revealing, compromising, or embarrassing. They are, however, such a significant identifier that they facilitate access by others to many of our most personal and private records and can enable someone to impersonate us to our embarrassment or financial loss. This is part of the so-called identity-theft phenomenon that is an increasing risk and problem in our society. Unlike a telephone number or even a name, an individual’s social security number serves as a unique identifier that cannot be changed and is not generally disclosed by individuals to the public.
Although social security numbers are private, they are available in a wide range of contexts in our society. We provide them to others continuously. One is daily exposed to the risk that someone at work, a government office, school, an accountant’s office, a financial institution, or dozens of other settings may improperly use our social security numbers or provide these numbers to others who will do so. Misappropriation of social security numbers is a pervasive risk of modern life. In all of the settings where these numbers are available, however, the entities with that information and their employees are bound by contractual and legal constraints to hold our social security numbers in confidence. Given the very sensitive and important nature of the social security numbers, these constraints are important to a functioning society.
Key point. A federal appeals court has observed, “The harm that can be inflicted from the disclosure of a social security number to an unscrupulous individual is alarming and potentially financially ruinous.”
Key point. Another federal appeals court has noted, “In an era of rampant identity theft, concern regarding the dissemination of social security numbers is no longer reserved for libertarians inveighing against the specter of national identity cards. Armed with one’s social security number, an unscrupulous individual could obtain a person’s welfare benefits or Social Security benefits, order new checks at a new address on that person’s checking account, obtain credit cards, or even obtain a person’s paycheck.”
Publication
To be an invasion of privacy, private facts about another must have been publicly disclosed (“publicized”). Did disclosure of social security numbers to 16 managers constitute public disclosure? The court noted that “given the strong interest of society in protecting information like social security numbers, the standard must be appropriate to the situation.” The court concluded that the social security numbers had been publicly disclosed:
In this case, the company faxed the social security numbers of 204 employees to 16 terminals in six states. Although addressed to the managers of these terminals, the number of persons who saw the fax is unknown. Fax transmissions typically lie in a tray. Ideally they are immediately picked up by the designated person or a trusted employee. The transmission, however, may be viewed and copied by any person in the vicinity of the machine. Once removed from the fax machine, the pages may be promptly filed or left on a counter available to any passerby to read or copy, or even posted on a bulletin board. Traffic patterns in the office areas of 16 terminals are unknown. Although it is not clearly public … many people may have seen the information.
Another key factor in determining whether the requisite publication has occurred is the nature of the private data and the damage. Social security numbers are not embarrassing personal-life details like an extramarital affair, nude photos, bad grades, an abortion, mental health problems, or financial difficulties depicted in many of the cited cases. Plainly, one does not want such tantalizing information publicized. Social security numbers are dry, sterile figures. But they are a private detail that enables the data voyeur to snoop or the thief to access financial details. A rash of identity theft incidents may flow from one disclosure. On the other hand, widespread dissemination of social security numbers within a business setting may not lead to any untoward results. Moreover, a person’s bank account numbers, credit card numbers, personal identification numbers (PIN), and other similar identifiers may be considered just as sensitive as social security numbers. The damage is the substantial risk for misuse or illegal use of an individual’s identity or financial information, not personal embarrassment. In this social security number setting, the problem is that any unnecessary display or dissemination of the private data is a serious threat.
The employer insisted that there was no public disclosure of private facts because it instructed the 16 terminal managers to return or destroy the social security number information. The court disagreed, “Possibly, they did this. However, we cannot assume its best intentions actually were carried out. If copies of the transmission had been made, retrieving all copies is difficult. If not properly contained at each of the 16 terminals, what was a modest circulation to 16 managers could easily be transformed into a widespread dissemination of the material.”
Relevance to church treasurers. This case contains a number of important lessons for church treasurers.
1. Social security numbers must be considered private facts, whose unauthorized and public disclosure will expose a church to potential liability for invasion of privacy.
2. The risk of invasion of privacy can be reduced if employees consent to the disclosure of private information. Such consents should be in writing; they should be written in clear and unambiguous language; and, they should be completely voluntary.
3. Invasion of privacy occurs when private facts are publicly disclosed. As the court in this case observed, public disclosure may occur even if private facts are shared with only a few people if there is a possibility that the facts were further disseminated after being received by the original recipients. This kind of “expanding dissemination” often occurs when private facts are communicated by fax or email.
This article first appeared in Church Treasurer Alert, September 2003.