fbpx
×

RESOURCES FOR VICTIMS OF THE ATTORNEY GENERAL’S OFFICE LEAK OF CONFIDENTIAL PRIVATE INFORMATION

CRPA, GOC,  and our legal team were made aware of a massive leak of personal information of CCW holders in California. The disclosure of all CCW holders in California is unprecedented and unconscionable. The leak included personal information including addresses, birthdates, driver’s license information, and information from DROS documents.

CRPA staff and lawyers are working to figure out exactly what happened, make sure the AG and DOJ incompetence is objectively investigated, make sure those responsible are held accountable, make sure this can never happen again, and supply all legal and other options to those who had their confidential information revealed. This page should serve as the clearinghouse to collect information about this data leak and your rights.

 

07/22/2022- VIDEO UPDATE FROM CRPA PRESIDENT & GENERAL COUNSEL – CHUCK MICHEL

 

BOOT BONTA!- Join the thousands that have added their name to the petition to tell Attorney General Bonta to Resign!

 

I. GENERAL INFORMATION

CALL DOJ DATA LEAKS VICTIM’S HOTLINE: 1 833 909 4419

CONTACT SHEET FOR ATTORNEY GENERAL’S OFFICE

FREQUENTLY ASKED QUESTIONS (FAQ)

06/28/2022- CRPA STATEMENT REGARDING DOJ DOXING OF GUN OWNERS

07/25/2022- List of Information Actually Released in DOJ Leak  

07/22/2022- VIDEO UPDATE FROM CRPA PRESIDENT & GENERAL COUNSEL – CHUCK MICHEL

06/29/2022 Timeline of the DOJ Breach

II. ONGOING INVESTIGATIONS

Independent Law Firm Hired by DOJ to Investigate

07/22/2022- Republicans Call on State Auditor to Conduct Independent Investigation of CA DOJ Leak

CRPA Investigation is Ongoing

      07/21/2022- CRPA Public Records Request to Department of Justice 

      07/13/2022- CRPA Public Record Request to Department of Justice

III. STATEMENTS FROM  GOVERNMENT OFFICIALS

07/21/2022- Letter that Senators Received From AG Referencing Data Leak

07/11/2022- DOJ “RESPONSE” LETTER TO VICTIMS OF THE DATA RELEASE (Redacted copy of an actual letter)  

NEW!!! 06/30/2022- Before Leak- DOJ Attorney Promised Court No Gun Owners Info Would Be Leaked

06/30/2022- SENATE REPUBLICAN CAUCUS LETTER TO AG BONTA

06/29/2022- CA DOJ Alerts Persons Who Had Data Exposed

06/28/2022- DOJ Announcement on Website

IV. MEDIA COVERAGE

07/20/2022- Cal Matters, Concealed Carry Fiasco Hangs Over Capitol

07/12/2022- Daily Caller- Rob Bonta California AG Apologizes Gun Data Leak

07/11/2022- NRA-CA Targets First and Second Amendments with Advertising Ban

06/30/2022- Dana Loesch talks to President Chuck Michel About DOJ Breach

06/30/2022- The Reload- California Plans To Alert Gun Owners

06/29/2022- KTLA News- CA Sheriffs Concerned About Data Breach

06/29/2022- The Trace- CA DOJ Leak Exposes Gun Owners’ Private Data

06/29/2022- California Globe- CA AG Leaks Names and Addresses of State’s Legal Gun Owners Following SCOTUS Gun Ruling

06/29/2022- California Sheriffs Public Alert on Data Breach

06/29/2022- Cam & Co- Data Leak with Chuck Michel

06/28/2022- L.A. Times- Data Breach Affects All California Concealed Carry Permit Holders

06/28/2022- Blaze Media- California Leaks Gun Owners’ Names, Home Addresses in Massive Privacy Breach

06/28/2022- Daily Caller- California AG Leaks Names, Addresses of Gun Owners In The State

06/28/2022- The Truth About Guns- Intimidation: California AG Posted the Names, Personal Info of Carry Permit Holders After Bruen Ruling

06/28/2022- Bearing Arms- CRPA: California “Data Breach” Exposes Personal Details of Concealed Carry Holders

06/27/2022- Reddit Discussion

06/27/2022- Calguns Forum Discussion

V. CURRENT AND PENDING LITIGATION

A. CLASS ACTION LAWSUITS

NAGR Files First Class Action

A pro-Second Amendment organization based in Colorado has filed a class action lawsuit about the data leak. Unlike CRPA and GOC, this Colorado group has historically not been active in defending California gun owners and has not been working with CRPA or GOC. The group immediately started fundraising off the suit even before it was actually filed. That’s a bit unusual, and perhaps telling of the dedication of this group, because class action lawyers typically recover their attorney’s fees from the defendant at the end of the case. The class in this lawsuit has not yet been certified, and likely won’t be for quite a while, if ever. Class members will have an option to “opt out” of the class and file their own lawsuit, or join a different class or mass action lawsuit.

Read more about class actions here: How do Class Actions Work?  

B. MASS ACTION LAWSUITS

MASS ACTION PENDING

CRPA is currently collecting names and emails for potential plaintiffs in a mass action lawsuit. Once we decide how to craft this, we will give everyone the option of participating. Watch for more information and videos on how this would work.

WHAT IS A MASS ACTION?

Compared to class actions, mass torts generally have more in common with a standard negligence lawsuit. Mass tort lawsuits tend to involve a large number of plaintiffs from the same geographical area. It is possible to file these claims in state or federal court depending on the facts of the case. Mass torts can involve single or multiple defendants, and plaintiffs may seek compensation for similar physical or financial injuries they all suffered as a result of the same event or events.

Most mass tort cases stem from an act of negligence or misconduct. While most mass tort actions target a corporation, these lawsuits could also name individuals or other corporate entities as defendants.

Mass tort plaintiffs must have more in common than simply sharing the same defendants, however. A valid mass tort case must involve multiple plaintiffs that sustained injuries at the hands of the same defendants caused by an identical harmful act. This could involve anything from a defective medical device to a chemical spill.

C. INDIVIDUAL LAWSUITS

CRPA’s attorneys are working on a template lawsuit that individuals could file against DOJ, perhaps in small claims court where you wouldn’t need (and in fact wouldn’t be allowed to have) a lawyer. Our template lawsuit will be fill in the blanks with pre-prepared arguments and legal authority for members to use and a step by step how-to-sue DOJ guide.

It would be poetic justice for the Attorney General to face tens of thousands of lawsuits by DOXED individuals.

D. SMALL CLAIMS LAWSUITS

Information about small claims actions can be found here: Steps to Filing a Small Claims Case

CRPA will be posting more about this option, as well as filing other types of lawsuits.

E. THEORIES OF LIABILITY AND DAMAGES

BE ADVISED – WE ARE STILL LOOKING INTO THEORIES OF LIABLITY AND POTENTIAL DAMAGES CLAIMS.

Can the government be held liable for losses, damages, injury, or death that directly resulted from this leak?

If someone can prove they were harmed by the leak, there are a few legal theories which they could pursue to attempt to recover damages. While this is not intended to be a comprehensive legal analysis, CRPA will attempt to briefly describe the three of the main legal theories and their relative odds of success.

1. Federal Right to Privacy: 14th Amendment to the U.S. Constitution & 42 U.S.C. § 1983

A claim brought based on the federal right to privacy is a tenuous theory of liability. Unless more information as to the reason for the leak is revealed which shows the leak to have been an intentional act (i.e., the person or persons at the DOJ who caused or facilitated the leak did so with the intent to publish gun owners’ personal information), a Section 1983 action based on a negligent leak of the data would likely be unsuccessful. This is because “negligent conduct by a state official, even though causing injury” is not grounds for finding the deprivation of a constitutional right.” Daniels v. Williams, 474 U.S. 327, 331 (1986). We are aware that the leak itself was “intentional.” What the investigations should determine is whether the leak of the street address and other private information was “intentional.” If evidence comes to light which shows the leak of the sensitive private information was intentional, we will update this section accordingly and advise everyone who has contacted us.

2. Right to Privacy Under Article I, Section 1 of the California Constitution

The California right of privacy protects the individual’s reasonable expectation of privacy against a serious invasion and it is “much broader than its federal analog”. American Academy of Pediatrics v. Lungren, 16 Cal. 4th 307, 325–26 (Cal. 1997). California courts recognize a constitutionally protected interest in a person’s name, address, and phone number.

To establish a violation of privacy rights in California, a plaintiff needs to establish three things: “(1) a legally protected privacy interest; (2) a reasonable expectation of privacy in the circumstances; and (3) conduct by defendant constituting a serious invasion of privacy. In this circumstance, people with conceal carry permits do have a legally protected privacy interest under California law, and they also have a reasonable expectation that their data will not be accidentally leaked out for no reason. Whether the invasion of privacy is “serious” or not in a legal sense will likely vary based on the individual.

Such a claim may thus be viable, and if you believe you have been harmed by the leak you should seek to consult an attorney as you may need to file what is called a government claim to preserve your right to sue in state court. That said, whether or not money damages are available remains an open question. While one case has said that “courts, exercising their authority over the common law, may, in appropriate circumstances, recognize a tort action for damages to remedy a constitutional violation”, Katzberg v. Regents of University of California, 29 Cal.4th 300, 325 (2002), what constitutes an “appropriate circumstance” is up for debate, and it would be quite risky to assume money damages are available from the government in such a lawsuit. 

3. The Information Practices Act (California Civil Code section 1798, et seq.)

California’s Information Practices Act (IPA) broadly protects people’s interest in the confidential and private information stored in government files.  While an extensive analysis of the IPA is outside the scope of this FAQ, whether a claim for the DOJ’s data leak is viable likely depends on whose privacy interest is being pursued. An IPA claim will require arguing that a plaintiffs’ privacy interest is greater than the public’s right to know, even though the leak was not intentional (as far as we know). In addition to actual damages as well as attorney’s fees and costs, a successful plaintiff under the IPA can recover $2,500 in exemplary damages if they prove the leak was intentional.

4. Public Disclosure of Private Facts

This claim requires a Plaintiff to prove that (1) a defendant publicized private information concerning the plaintiff; (2) that a reasonable person in the plaintiff’s position would consider the publicity highly offensive; (3) that the defendant knew, or acted with reckless disregard of the fact, that a reasonable person in the plaintiff’s position would consider the publicity highly offensive; (4) that the private information was not of legitimate public concern [or did not have a substantial connection to a matter of legitimate public concern]; (5) that the plaintiff was harmed; and (6) that the defendant’s conduct was a substantial factor in causing the plaintiff’s harm. (from jury instructions)

In addition, caselaw precedent holds that in order to be actionable, the information revealed must itself be offensive to the reasonable person. The California Supreme Court has stated that the published facts must be so offensive as to shock the community’s notions of decency. (4 California Torts § 46.03 (2022).)

One of the immediate challenges to a lawsuit making this claim is that a purely accidental divulsion may not be found to satisfy all of the legal elements to constitute an invasion of privacy under the law. One of the elements cited above is that “the defendant knew, or acted with reckless disregard of the fact, that a reasonable person in the plaintiff’s position would consider the publicity highly offensive”. If the leak was indeed accidental as the Attorney General currently claims, then there was no real intention behind the leak. They didn’t act knowing the information would be offensive to the people who had their information leaked, or with reckless disregard of that fact, instead, they just didn’t mean to leak this info at all. Of course, this calculus changes if it is later discovered the leak was intentional.

Even in that circumstance, there would still be the problem of establishing that the information leaked was itself “highly offensive”, as having a CCW permit does not shock the community’s notions of decency – although the leak of the street address might be considered offensive.

F. POTENTIAL PLAINTIFF FORM

If you are interested in serving as a plaintiff in a potential lawsuit regarding this breach of sensitive personal and confidential  information, please contact us at either potentialplaintiffs@michellawyers.com or helpdesk@michellawyers.com  Please do not be concerned that the form is not tailored to this particular incident. These are general forms to collect information.  

VI. HELP CRPA HELP YOU

You can help CRPA help you by taking the following actions:

SUBSCRIBE TO CRPA BULLETINS

Its free, even if you aren’t a CRPA member. KNOWLEDGE is the first step to power.

JOIN CRPA

We don’t care if you join under your real name. Many folks have even bought memberships for their pets. Feel free. It’s ironic though, because CRPA has NEVER had a data leak, and the information about our members and donors has never been sold or shared.

DONATE TO CRPA

VOLUNTEER FOR CRPA

Volunteers are CRPA’s most powerful weapon!

JOIN YOUR LOCAL CRPA CHAPTER

Have fun, meet good people, and increase your influence locally. We can make a SUBSTANTIAL difference in local elections and politics.

 

 

                               

39 responses to “RESOURCES FOR VICTIMS OF THE ATTORNEY GENERAL’S OFFICE LEAK OF CONFIDENTIAL PRIVATE INFORMATION”

  1. CRPA says:

    This is the place to leave all of your questions regarding the DOJ leak of personal information. We will attempt to answer as many questions as possible and we will have a frequently asked questions update coming out next week.

  2. Unknown says:

    2 Questions:

    1. Is there any language in any of the lawsuits regarding the data breach that would make the CA DOJ/Atty Gen. Office liable for losses, damages, injury, or death as a result of criminal use of any CCW holders’ private information? We have already received the information regarding the IDX cyber security measures, but what about our physical property, possessions, and bodies?

    2. In regards to the SCOTUS ruling casting out the “Good Cause” requirement for CCW, what can be done to prevent CA and other “May Issue” states from adding other more stringent requirements to CCW applications or further barring the right to carry concealed firearms in more locations?

  3. Unknown says:

    Have all the victims been notified by CA DOJ?

  4. John Smith says:

    Hello I had a CA ccw for a few months in 2021 before moving out of CA, I am not sure if my info was leaked but will I still be able to participate in this lawsuit?

  5. Unknown says:

    At this point I would like to know conclusively if my information was leaked. I have applied for a permit but it has not been issued yet, so I may be clear. I do however own firearms and I believe this information was also leaked. Is there a way for us to know exactly what information about Us was leaked? (While maintaining the privacy of others- I only want to know about my information)

    Also, in addition to seeking damages for the plaintiffs, is this suit going to address the fact that the state maintaining this data and forcing residents to register is not constitutional? I would like to see these lists deleted and mandatory registration stopped.

    Thank you

  6. Ed says:

    Why are Republican legislators not demanding an outside DOJ entity/person or a special prosecutor to investigate who is responsible for this egregious violation of our privacy and why are they not conducting hearings on this so-called “data breach”! This was a deliberate act by the anti-2A Marxist in the Marxifornia government! I have not heard one single word about any investigation! I’m certain the DOJ is in full coverup mode.

  7. Unknown says:

    What information was contained in the FSC database leak? I have reviewed copies of the CCW, DROS, and AW database leaks, but have not seen what was in the FSC database leak.

  8. Unknown says:

    @Jason C – if you join the Facebook group “California Concealed Carry-CCW” and ask this question, one of our members that have access to the leaked CCW database will be happy to confirm if your info is contained within it or not. FYI, the CCW database contains information up until 12/31/2021 and nothing dated later than this.

  9. Unknown says:

    Some of the potential leaked information regards gun ownership and particularly “assault” weapon registry. Given that the state is keeping these lists like some would-be despot monitoring which citizens to target after the coup, what rights do we have if the state decides to actually come confiscate them? Or demands they be turned in? What measures can we take to refuse to submit to unconstitutional laws? Do we get an attorney and meet them at the front door, denying entry? Or do we just refuse and have them take us to jail, and then have to fight it from a wrongful imprisonment angle? I don’t believe if we turn them in willingly, we’ll ever get them back.

  10. Unknown says:

    If I were to become a plaintiff in this lawsuits, what would I be required to do?

  11. Unknown says:

    I received my notification from the CADOJ about their release of my personal info. In that letter they offered ID protection, through a third party. My question is, if I do accept this protection, does it let the CADOJ off the hook for releasing my info? I DO NOT the CADOJ and think this is a trick.

  12. John Doe says:

    Thinking about joining as a party to the class action suit against the state.

    Can one join anonymously as a “John Doe” as a way of safeguarding against further/ongoing media attacks/smears? If yes, how secure is that information held?

  13. Unknown says:

    I received a letter from the California Attorney Generals Office. Regarding their release of my personal information. In that letter they offered ID protection. At no cost for 1 year.
    My question, if I do accept this protection, does it let California off the hook?
    Will an acceptance of ID protection, be taking a settlement?
    If I accept the ID Protection, will this eliminate me as a future plaintiff?
    What do you recommend? Accept Id protection, or do not?

  14. Unknown says:

    The letter I received from AG Bonta notifying me of the release of my personal information was patronizing and offered little in terms of what the AG’s office is willing to do about the matter. Merely offering a “credit protection” service is a slap in the face to all of California’s law abiding CCW holders and gun owners! The main concern is for our physical safety from criminals who now have a shopping list of potential victims. It’s just a matter of time before criminals take action. Yet AG Bonta did not acknowledge this risk or offered any solutions on how we can protect ourselves physically. Instead they want to limit where we can now legally carry!? Really?? I was planning on selling my home in the next 2-years but now, what potential buyer would consider buying a home from a person whose personal firearms information, including my address, was leaked to the public. Do you think they may be concerned about being harmed due to mistaken identity? Should I be immoral and not mention the breach to the potential buyer? Is the state of California willing to buy my now un-sellable home? It sad to think the one-thing I had to protect me and my loved ones from harm (my CCW) is now the very thing that could be bring real harm to my doorstep. Thanks AG Bonta and Governor Newsome who I’m sure spear-headed this unconscionable act against law abiding citizens in effort to garner political gain at our expense and safety.

  15. Unknown says:

    Correct me if Im wrong, but as I understood it they not only leaked CCW holders info but also anyone who registered a weapon too? Many law abiding gun owners were forced to register their LEGALLY homebuilt weapons, since the state turned them into felons with a vote and stroke of a pen.

  16. Unknown says:

    I just received a letter from the DOJ apologizing for what happened and offering free credit monitoring. They also said I should monitor my own accounts as well. This is not acceptable as my biggest worry is now criminals will be coming to my house to take what I own. I’m sure if Bonta got doxxed there would be more outrage. I want the settlement to be as large as possible to make sure this never happens again!

  17. Unknown says:

    What about firearms safety certificate holders and everyone that purchased a firearm the past 10 years? They said that info was possibly leaked also.

  18. CRPA says:

    For all the questions on how do I know if my information was on the list?

    The database has been removed from the website and there is no way to check if your individual information was part of the leak. If you received a letter from the Attorney General alerting you to the leak, then your information was released and you are part of the group that the leak impacts.

    It looks at this point that the leaked data included all CCW holders in the state and those that applied for a CCW prior to the leak.

  19. CRPA says:

    The letter from AG Bonta alerting those whose information was leaked was lacking. We understand that this is a requirement for any leak of personal information of this magnitude. They were checking off the box of formally alerting the public, but more should be coming.

  20. CRPA says:

    Not sure who runs this group, but you need to be careful about sharing of information known to be leaked. This too is a violation that carries a hefty penalty.

  21. The leak exposed the private information of all gun owners who applied for a concealed carry permit between the years 2011 and 2021. The information exposed included the names, date of birth, gender, race, driver’s license number, addresses and criminal history of the gun owners. Information was compromised from the contents of five other gun registries, including the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety and Gun Violence Restraining Order. The social security numbers of those on the list were not leaked, according to the DOJ.

  22. CRPA says:

    We know that California is planning on following the New York example of looking at “good moral character” and “sensitive places.” They plan on taking this up after the July recess. CRPA and other groups will be fighting this in Sacramento, but Governor Newsom has promised to sign every single piece of gun legislation brought to him regardless of the constitutionality of that legislation. This leaves the courts as the only option to fight these laws. Unfortunately, the state has our tax dollars to fight in court, we must support cases from donations from gun owners and members. It is unfair to say the least, but if we are to protect our rights, we cannot let these laws stand.

  23. Unknown says:

    I am a member of CRPA and have a CCW permit. If I follow the sujestions in the DOJs letter will that jeprodise my standing in a class action?

  24. CRPA says:

    They are. There is a letter that was sent by the Senate Republican Caucus regarding this on the page at the top.

  25. Registration is already being challenged. CRPA has has challenges working their way through the court for several years now.

    There is no way to know conclusively what specific information was leaked on an individual. There are some out there that will share that information but it is illegal to do so if they have the information.

  26. Unknown says:

    My fear is that the “People” that are against guns in general will use this information to falsely make red flag accusations against gun owners, hoping to have them confiscated. How are we protected against this happening? What are your rights to protest, prior to confiscation?

  27. Unknown says:

    It is a Violation for Information to be leaked in the Medical field. I see no differrence in this situation .I am outraged and would like to know if recourse is possible .If a class action lawsuit is filed , please add my name .
    I have and feel violated on many levels and have more fear of future problems because of this leak .My home information , Drivers license , and all other information is exposed.It looks intentional and I would like to see Justice in this egregious attack on “We the People “

  28. Unknonw says:

    I have not and will not accept their offer of credit monitoring. I would caution others to read the terms before accepting their offer. Listed in their terms is the following gem: “THIS AGREEMENT CONTAINS ARBITRATION AND CLASS ACTION WAIVER PROVISIONS THAT WAIVE YOUR RIGHT TO A COURT HEARING, RIGHT TO A JURY TRIAL AND RIGHT TO PARTICIPATE IN A CLASS ACTION. ARBITRATION IS MANDATORY AND IS THE EXCLUSIVE REMEDY FOR ANY AND ALL DISPUTES UNLESS SPECIFIED BELOW OR IF YOU OPT-OUT. PLEASE CAREFULLY REVIEW THE DISPUTE RESOLUTION PROVISIONS BELOW WHICH DESCRIBES YOUR RIGHT TO OPT-OUT.”

  29. Ian says:

    How can I be a part of the class action lawsuit?

  30. MAPC says:

    This is a mandatory offer that they must make for these types of leaks. It does not preclude you from being a part of legal action.

  31. David Webb says:

    I had a CA CCW. I moved out of CA in 2019. My CCW expired in 2020. My information was leaked according to the IDX people. I took the free monitoring service because my personal information was compromised, and identity theft is a complicated, long, nasty process to clean up.

  32. S. R. says:

    This leak is not the first one. Remember when
    all the instructor’s names were released.

    We are now afraid to leave the house unattended. One of us always stays home. I would think that among damages are the costs we now must bear of hiring someone to stay here if we are both away. We certainly do not like the feeling of being on someone’s shopping list. I think I’ll send Bonta our next bill for a house sitter! I won’t be hiring any teenaged girls, think about it, it’s too risky.

    Will there be a place for us to share incidents related to this data grab, should they (God forbid) occur?

  33. JP says:

    I heard word that California was going to make plaintiffs pay if case is lost? The legislature is trying to change the law? Have you heard anything about that?

  34. James Mercer says:

    My letter from the DOJ is dated July 8, 2022. What is the time limit for a government tort claim in this type of case?

  35. Frank Van Sant says:

    How many law firms (in California) have filed a potential lawsuit regarding this breach of sensitive personal data by the CA DOJ?

  36. T B says:

    This was not a breach of information. Breach implies a break in. This was freely given.
    Google AB173 and read the bill.
    The amount of private information provided by the DOJ into the portal is staggering.
    Info is provided to UC Davis but may be provided to any other qualified institution. The bill does not require background checks to gain access to our private information.
    I have requested the DOJ provide all my data, specific & detailed, which was released from the Firearms Dashboard Portal to the public and is contained within the DOJ Firearms Dashboard Portal database.

    You may want to look at this site too.
    https://www.justice.gov/opcl/doj-privacy-act-regulations

  37. Kevin says:

    Why hasn’t a judge issued some kind of restraining order against any further release of this information until a full investigation has been completed? The entirety of the bill that allowed this in the first place is unlawful as far as I’m concerned, and it should be overturned.

  38. J. A. says:

    I am a CRPA life member and am interested in item “C” (Individual Lawsuits). Is there an expectation of when the templates will be available?

  39. fed up says:

    I sent a FOIA request for IP addresses that accessed the information, to the AG office and received a letter that they needed more time to process the request and gave a date of 10 days. Four days after the expiration, they sent me another letter stating they retained counsel and that it would take months to complete a forensic investigation to determine how it happened. They also stated “At this time, as the investigation is ongoing, the public interest in disclosure of the records you requested is clearly outweighed by the public interest in facilitating an accurate and thorough investigation.” Lots of word salad.

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.