Legislative Update from NCISS Legislative Committee and Lobbyit


        Colorado – Multiple Bills – Consumer Protection, Personal Identifiers, Restricting Availability, DPPA and more
        (Professional Private Investigations Association of Colorado – PPIAC – Robert Orozco, VP of Legislative Affairs)
        Two bills very similar to Texas, and also seen introduced in other states. One also prohibited the bulk sale of state data,
        including DMV records; this stated to otherwise preserve the state and adopted DPPA standards. In testimony the bill
        sponsor stated this arose from harassing car warranty calls and this data coming from vehicle sales records. There was
        additional testimony about this data not coming from DMV records, and losing this would greatly impact important
        investigations such as child support enforcement. The bill sponsor agreed to revisit the issue if the bill made it out of
        committee – it did not. Another bill introduced proposed to require state and local government to remove all personal
        data from all records, and notify consumers every 90 days of any records to request removal. This bill was pulled by the
        sponsor after a $2 BILLION price tag to implement was attached, requiring 6,500 new employees, and annual costs not
        much better. Next, in the wake of a Denver unlicensed security guard fatally shooting a protestor in June 2020, a
        security licensing bill has been introduced. Colorado does not have state licensing, it is to the individual cities and
        counties. This is being monitored and the bill sponsor has been receptive to concerns. Finally, a new consumer privacy
        bill was introduced, similar to Virginia and other states. Presently it does not have an impact on the investigative or
        security professions and is being monitored.

        Michigan – Courts Records Redacted of Personal Identifying Information
        (Brandy Lord – NCISS At Large Director)
        Michigan Supreme Court order AMD #2017-280 Amendment 1.109 and 8.119 filed 05/22/2019 and effective
        01/01/2021. Michigan courts are required to redact Personal Identifying Information such as DOB’s and addresses. The
        order expands by detailing what is to be redacted, “In order to protect privacy and address security concerns, it is
        ordered that protected personal identifying information, as defined in court rule, filed with the state courts of Michigan
        in any form or manner and for any purpose must be nonpublic.”


         NCISS and Your State Associations – Working Together

        NCISS, working with state associations, is asking for help with the following:
            •  Who has a DMV / Data State Bill?
            •  Do you think it will pass or does it have enough support?
            •  How can we assist?

        As previously shared, the impetus for these DMV bills is the misconception states are making millions in revenue from
        the sale of what is private information – from an otherwise public record. The misconceptions are: 1) these ‘millions’ are
        gross revenues and do not account for the cost of providing the record, the same as other public records and is not
        ‘profit’ – and is often general fund revenue for the state; and 2) investigative and security professions are not the
        primary, or even secondary or tertiary, recipients of this information. We are, however, low hanging fruit due to other
        misconceptions of being shady and unprofessional. This presents two important considerations: 1) look, sound, and
        present ourselves professionally at all times; and 2) reinforce the arguments of why we need access with new strategies
        and active calls to action.

        NCISS continues to work with state associations, including CALI, to monitor the aggressive nature of state agencies
        restricting lawful access to state driver license and motor vehicle records by private investigators. States are auditing
        requests, scouring agency websites, and denying access for reasons most often contrary to federal and state DPPA laws
        because of possible wrongful intent by the private investigator. For example, auditors documenting an agency website
        lists services outside the permissible purposes, and still a lawful service, such as listing infidelity surveillance may result
        in a denial of any records for permissible purposes – such as locating a witness. The privacy advocates have asserted
        some lawful purposes are too vague and more protective restrictions are needed to prevent any use of ‘loopholes’.




                                                                                                   26