And, who knows when they will decide to leak some of it to the rag? Scary.

Ok Big little shrimp, you must be a member of the BOS. Because this is exactly what they do, read part of a law and apply it to what ever works for them. Better go back and do a little research about the privacy regarding the data of law enforcement computers used for investigation. Gee maybe thats why they have a secure site and server.  Do your homework don't just throw shit out there like you always do, trying to convince the uneducated of your untruths and exaggerations.  Or better yet call Tim Cruz and ask him, he will be glad to inform you if he hasn't already regarding the information secured for law enforcement purposes only which you took and gave to god knows who and a convicted felon on the BOS.

bigshrimpin wrote:

Almost every company and government agency have acceptable use policies that prohibit storing this kind of sensitive information locally on a computer.  Usually these policies are derived from Laws like Sarbanes-Oxley (Banking), HIPAA (Medical records) and others that pertain to management and storage of sensitive data.   I don't know what the PD uses . . . but I can guarantee there is some kind law prohibiting storing sensitive data locally (on a PC).  Generally speaking . . . violation of an acceptable use policy is grounds for immediate termination.  If the police were careless and storing any sensitive data locally on their PC . . . they should be fired

This is factually incorrect on a number of levels.  Yes, companies/agencies have acceptable use policies.  But they almost never prohibit storing of sensitive information locally.  They usually say something like "Data on the computer must be for business/official use only blahblahblah".  In the police department, the information listed above is exactly what would be needed for official use.  SoX is not banking-specific - it applies primarily to all publicly-traded companies in the US, and makes headaches for internationals/privates as well.  Either you were thinking of GLBA or you're just misinformed.  There aren't any laws regulating the type of information in the post.  Most regulations cover healthcare - HIPAA, financial information (GLBA), student information (FERPA), credit card information (PCI - though technically a standard and not a regulation) or other specifics.  There are a number of state laws covering "personally identifiable information" (PII)/"non public personal information" (NPPI) - most of these cover disclosure of loss of the data, but MA is the leader in proactive legislation around this type of data.  Here we're talking about first name and last name, or first initial and last name, combined with a SSN, driver's license #, or financial account number.  All of these laws are based on a CA state law known as CA SB 1386, which was the first data breach disclosure law in the US.  There's no law covering protection of electronic copies of witness information, investigations, etc. 

While violation of an AUP is generally grounds for "disciplinary action up to and including termination" (that's the standard langauge that i've seen in EVERY AUP I've come across), one has to be careful in applying it.  If one person gets fired for violating it, then *everybody* who violates it has to be fired, else you expose yourself to a deluge of lawsuits.  Realistically, if an AUP is in place (which we're not sure it was), then there's something in there that everybody in the organization has violated.  It's sorta like how the feds nailed Capone for tax evasion, not for murder - if you're looking for a way to get rid of someone, you can probably find an option there.

iliveinazoo wrote:

I suppose if we had ever properly funded our PD to invest in the proper technology then this wouldn't be an issue now would it?

You can say that again. Did the request for the new cruiser laptops pass at town meeting? Have you ever peaked through a Wareham cruiser window? Some of the police laptops look like they were bought around ten years ago and are duck taped together to prevent the computer screen from falling off.