INGOP Caught Selling Hoosiers’ Personal Data to Third-Party Vendors Without Consent, INDems Demand Apology for “Big Government” Tactics


Governor Holcomb should apologize to Hoosiers for betraying their trust

Despite preaching against “big government”, INGOP continues to deploy big government tactics on Hoosiers and against municipal governments

U.S. Senator Todd Young and State Senators Michael Crider and Chip Perfect declined to comment

INDIANAPOLIS – The Indiana Democratic Party, the organization that advocates for the future of Indiana and its families, today criticized the Indiana Republican Party for selling Hoosiers’ personal information to third-party vendors without their consent. According to a bombshell report by CBS4 Indy, the Holcomb Administration has sold $43 million worth of personal data and public records since 2018, providing this information to “tow companies, automotive dealers, police agencies, lawyers, private investigators, and security firms”. This is just another example of “big government” tactics deployed by the Indiana Republican Party, and Indiana Democrats demand Governor Eric Holcomb apologize to Hoosiers for betraying their trust. Indiana Republicans like U.S. Senator Todd Young and State Senators Michael Crider and Chip Perfect declined to comment on this news

“There is absolutely no reason why Hoosiers are having their personal information and public records sold off to third-party vendors without their consent, and Governor Eric Holcomb owes Hoosiers across Indiana an apology for betraying their trust in our state government,” said Lauren Ganapini, executive director of the Indiana Democratic Party. “It’s without a doubt that had the shoe been on the other foot and a Democratic administration was found to infringe on Hoosiers’ personal freedoms, Indiana Republicans would treat this like an assault on the Constitution. Accountability must happen, or Republicans will prove their crusade against so-called ‘big government’ is nothing but an extreme partisan stunt.” 

Indiana Republicans seem to have forgotten their identity and crusades against so-called “big government” in recent memory. The BMV’s ability to sell Hoosiers’ personal information without written consent is the latest in a string of strong-arm attacks coming from Indiana Republicans. Other incidents include Attorney General Todd Rokita suing Indiana University for its COVID-19 vaccine guidelines and Statehouse Republicans overriding Governor Holcomb’s veto protecting local health departments. And not to be forgotten, the INGOP also issued more than a dozen bills last legislative session aimed at the City of Indianapolis – including revoking city control of the IMPD, attempting to defund IndyGo’s Bus Rapid Transit system, and stripping local control from city elected officials

Records show the Indiana BMV has been selling people’s personal information

CBS4 // Angela Brauer

Records show the Bureau of Motor Vehicles is selling people’s personal information and has been for years.

CBS4 dug through public records and found the agency has made $43 million off of the practice since 2018. It has sold “enhanced access” to more than 1,400 businesses including tow companies, automotive dealers, police agencies, lawyers, private investigators, and security firms.

CBS4 asked the BMV for an on-camera interview but a spokesperson declined. […]

“…It allows Indiana’s BMV to offer “enhanced access” to attorneys, auto dealers, bail bondsmen, debt collection companies, insurance agents, insurance companies, mobile home parks, private investigators, recovery agents, school corporations, security guards, sheriff and police departments and tow companies. […]

“From what CBS4 has gathered, an approved company pays a fee and is given enhanced access to BMV records. A tow company, for example, can submit a person’s first and last name and driver’s license number and get back the individual’s license type and status, current points, license expiration date and more. They can also access title and registration information. 

A debt collection agency could submit someone’s first and last name, date of birth and social security number and they would receive an official driver’s record, title and registration details.” […]

Cybersecurity expert Scott Shackelford is critical of the practice.

“It’s not like there is another alternative for folks to use instead or some more secure system,” he said. “When you go to the BMV, there is not a lot of opportunity to really be able to decide how much information we’re comfortable sharing.”

Shackelford questions how secure the system is once a person’s information is sold and what rights an individual would have if it ended up in the wrong hands.

“Based on how broadly this information is being, basically – let’s face it – commoditized, and sold, potentially to the highest bidder, there is no control the BMV has after that initial transaction,” he pointed out. “That information can be repackaged yet again and sold to another party for all different purposes.”

He and several Hoosiers feel legislators should do more to protect people’s data.

“There is a lot more, frankly, that states can be doing,” Shackelford said. “If the state of Indiana would like to, the state legislator could act on this and prohibit the sale of third party of information to third parties from the BMV. It hasn’t happened yet.”

Our investigative team reached out to three senators for comment, but no one was willing to speak publicly about the matter. Senator Todd Young, who has been vocal about cybersecurity and data protection in the past, declined. A spokesperson for Senator Michael Crider, the chair of Homeland Security and Transportation, said he has “no comment on the subject at this time.” Finally, the press secretary for Senator Chip Perfect, the chair of the Commerce and Technology Committee, said he was not available for an interview.


Let’s elect more Hoosier Democrats
We can't sit this one out.