*Megan Reiss co-authored this piece.

We all know drugs, guns, and junk food are bad for kids. But now, children — specifically those involved in the juvenile justice system — are subject to a new danger: data breaches.

From computerized rap sheets to DNA databases and gang registries, records are no longer stored in file cabinets and card catalogs at local precincts. Instead, these records exist in digital form, lasting until the end of time, never to be forgotten. With information-sharing between agencies flourishing, and with information more easily accessible, cybersecurity for system-involved youth has become a new area of concern.

Just a few months ago, a data breachinvolving a Texas Department of Agriculture employee’s laptop exposed the personal information of students in 39 Texas school districts, including those in the Dallas County Juvenile Department. In California, the Hillsides child welfare agency reported a data breach after discovering that an employee had compromised the protected health information of 502 clients. And in Pennsylvania, a breach involving a third-party vendor exposed information on 1,800 childreninvolved in the child welfare system.

Why are data breaches affecting juveniles so troubling? Because juveniles are children — and, as the Supreme Court has articulated, “children are different” from adults when it comes to rehabilitation. Children have an enhanced capacity to change. This is why a child is “adjudicated” in juvenile court rather than “convicted” of a crime. An adjudicated child is not supposed to suffer the civil disabilities that convicted adults face, including having a public record. Our society has concluded that system-involved children should have a fresh start; data breaches interfere with that goal.

Unfortunately, the vast majority of states are failing to protect highly sensitive information contained in juvenile court records. When a breach happens, once-sealed information can become public, creating barriers to education, employment, and success for system-involved youth. Worse yet, once information is in the public arena, it becomes almost impossible to control its dissemination.

Recent efforts have been made to increase data-sharing among agencies in the juvenile system. In one sense, these information-sharing efforts are a cause for celebration. Many agencies come into play with system-involved youth — including juvenile justice agencies, child welfare agencies, mental health service-providers, schools, probation offices, and police departments. When organizations share accurate information, they can create coordinated case plans for children in their care. Additionally, information-sharing has the potential to reduce racial and ethnic disparities in the justice system. By collecting and analyzing data shared across systems, partner agencies can determine appropriate decision-making points for intervention.

However, as more agencies have access to sensitive data, even a single agency with lax cybersecurity practices could make a large swathe of children vulnerable to suffering from stolen data. What’s more, even if every agency took cybersecurity seriously by encrypting critical information, agency employees do not always take cyber hygiene seriously or follow best practices. For example, in Florida, a cybersecurity breach compromised the records of more than 100,000 juveniles and employees when an employee’s mobile device was stolen. The device was not compliant with the Florida Department of Juvenile Justice’s security standards, which requires both passwords and encryption.

Stakeholders involved have recognized that they must comply with federal and state laws regarding children’s privacy. What is missing from the discussion is how important it is to protect that information. Agencies must commit to protecting the children they work with by encrypting data, updating and patching systems, and teaching workers to follow good cyber hygiene practices consistently.

Without appropriate measures to implement best practices in cybersecurity, breaches will only continue to increase in frequency.


Image credit: wk1003mike

Featured Publications