By Bill Cracraft, Communications Specialist
The July 19 shooting of Daniel Anderl, who died, and his father, Mark Anderl, who was seriously wounded at the home they share with mother and wife Esther Salas, United States district judge for the District of New Jersey, has prompted a renewed effort to safeguard information criminals can use to locate members of the judiciary. The bi-partisan effort to increase security for judges and other courthouse workers is embodied in identical bills currently before the House and Senate. The family members were shot by a disgruntled attorney who, a day later, took his own life.
Bill H.R. 8591, currently in committee, sponsored by Representative Mikie Sherrill (D-NJ-11) and co-sponsored by Rep. John R. Carter (R-TX-31) and Rep. Eleanor Holmes Norton (D-DC-At Large) to provide for judicial security and privacy, was referred to the House Committee on the Judiciary in mid-October.
Bill S. 4711, titled “Daniel Anderl Judicial Security and Privacy Act of 2020” was read twice and referred to the Senate Committee on the Judiciary in late September. The bills note an “immediate need for enhanced security procedures and increased availability of tools to protect Federal judges and their families.”
The bills include provisions for curtailing the selling of personal information, such as addresses, phone numbers and social security numbers of judges; restricting family information including the identification of children or spouses; and providing for enhanced security at courthouses and the upgrading of alarm systems at judges’ homes. The bills state, no “person, business, or association shall publicly post or publicly display on the internet judges’ personally identifiable information,” after having been requested to remove the information. The bill allows judges to sue anyone violating the law.
The bills allow for funding “security monitoring services for active, senior, recalled, or retired Federal judges, including any method or methods designed to provide security through a system of interworking components.”
Finally, this bill provides for the Administrative Office of the U.S. Courts to coordinate with the U.S. Marshals Service and other relevant federal law enforcement and security agencies to monitor sources for the protection of at-risk individuals and judiciary assets, proactively monitor websites for judges’ personally identifiable information and report violations to the U.S. Marshals Service and, critically, maintain files of escalating behaviors to counteract overt acts of aggression.
In mid-September, the New Jersey Assembly unanimously passed a bill (A1649) creating “Daniel’s Law,\" establishing criminal and civil penalties for publishing home addresses or phone numbers of judges and prosecutors. That bill went to the New Jersey Senate on October 8.
There are a number of critical steps judges and others can take to reduce their online presence and to safeguard personal information to reduce one’s public profile. The September 2020 ebulletin for the Federal Magistrates Judges Association has two articles on judges’ security. The first article was written by Magistrate Judge Deborah M. Smith of the District of Alaska and Magistrate Judge Douglas Arpert of the District of New Jersey. Judge Smith is FMJA president, while Judge Arpert, who notes the bills before Congress and its critical elements, is chair of FMJA’s Security Committee.
The second article, by Amy Bennett, circuit information technology security director for the Office of the Circuit Executive of the Ninth Circuit, delves into what individuals can do to protect their information, whether one is a judge or person in the street. Bennett has developed a comprehensive list of to-dos for those wishing to ratchet up their personal security.
Bennett pointed out that every time one uploads personal information to any kind of site, it resides there, for better or worse, until it is removed, which could be never. Bennett notes that virtually all free sites, like YouTube and Google, including Gmail, collect browsing information which is stored and shared. She recommends a series of steps one can take to reduce one’s online profile, including removing data from primary sources followed by removal from legitimate data aggregators. She provides specific websites and instructions to help with these steps.
Bennett’s article goes on to discuss how to protect one’s credit rating and how to make it hard to steal personal information for financial exploitation, including never using public Wi-Fi and even bypassing charging stations since a USB cord is a data cable as well as a charging cable. Instead, plug directly into an outlet.
“In early 2018, several judges received horrible messages via the mail at their homes and had their personal information maliciously posted on the internet (posting that information is called “doxing”)” said Bennett. “No one government security entity could address the physical and online threats or provide assistance in understanding and reducing the risk. Every entity acknowledged the problem and provided information and advice but did not want to take on a comprehensive risk management program. I was extremely concerned by the lack of a proactive integrated risk management that addressed personal, professional, physical and online threats, and vulnerabilities,” she said. “My background is cyber defense, military operations, and national intelligence, which do address risk comprehensively,” Bennett continued. “The bottom line is there is no distinction, to a criminal, between a target’s personal and professional information or their physical and online activities and information. Criminals are going to use any information they can obtain to intimidate, harass, and attack people – both online and physically. Their attacks are integrated and holistic and use any vulnerability they can exploit. I think it’s critical to protect people and facilities in a proactive and holistic way that integrates searching for threats and vulnerabilities and addressing them.
“Molly Dwyer, Ninth Circuit court clerk, invited me to speak to the Court of Appeals. Circuit Judge Murguia sponsored my presentation and polled the Court of Appeals (COA) judges for their concerns. That helped me frame the issue and propose an approach to addressing the risk. The COA judges and later the Space and Security Committee were both very interested in the issue, my pilots, and the progress toward a formal program. Libby Smith, Circuit Executive was incredibly supportive of me researching the issue, engaging different stakeholders, and piloting different tools. Mary Schott (bankruptcy court clerk for the District of Nevada) hosted one of my support contractors in her court and sponsored a very successful pilot of proactively searching for threats against the courts and judges using publicly available sources and tools.”
Bennett is offering a 75-minute virtual class to court units on protecting personal information. The class covers the high level flow of personal information from primary sources to criminals, what criminals can do with personal information, step-by-step recommendations for reducing the risk of criminals obtaining and abusing personal information and handouts written with minimal jargon and acronyms so that people can understand and follow instructions.
As for the future, “My team is continuing to work with a pilot district to proactively search for threats against the courts and staff using publicly available tools and information,” said Bennett. “That’s helping us understand the local leadership’s priorities and concerns and letting us share what information and technological capabilities are available. The Ninth Circuit librarians have also been conducting proactive daily public searches for threats. They have been extremely generous in sharing their procedures and successes with my team and the AO.”
Bennett noted the three most important steps individuals can take to help protect themselves. “The number one thing judges and other appointed officials can do to protect themselves is check the state statutes for redacting personally identifiable information from government databases,” said Bennett. “Some states have separate forms for vehicle information redaction. It’s absolutely worth completing the paperwork and noting whether and when to renew the requests.
“The second thing is to monitor and protect personally identifiable information by implementing a credit freeze, implementing fraud alerts, signing up for the Office of Personnel Management identify theft protection, which applies to federal employees who were employed in 2014 or before, and making every password unique and complex.
“The third thing is to remove information from the sites that legally collect and sell it (data aggregators).” Details on how to accomplish these tasks are in the FMJA article.
As far as the legislation currently before Congress, “the bills before Congress are a much-needed protection for judges,” said Bennett. “A single case can put a previously unknown judge in an international and often unfriendly spotlight. The internet offers the power of information, mass communications, and of anonymity. It’s unfortunate that the data aggregators haven’t proactively removed the records of public officials voluntarily. Just because something is legal doesn’t mean it’s right. Technology has created extreme risk for our judges and other public officials. We need to use technology and pass laws to protect them.”
