Calif. DMV Revokes Allstate’s Electronic Access to Confidential Driver Records; Garamendi Supports Decision

January 17, 2003

The California Department of Motor Vehicles has revoked Allstate Insurance Company’s electronic access to confidential driver license and vehicle registration information, because the company reportedly failed to adhere to state laws and regulations concerning access to those records.

The DMV provides electronic access to confidential information for Allstate and other insurance companies to facilitate their investigation of automobile insurance claims and to set rates based upon a person’s driving record. The Department stated the reason it revoked Allstate’s requester code contract was because the company allegedly engaged in continuous and system-wide violations of the security provisions of that contract.

“We fully support the Department of Motor Vehicle’s enforcement action against Allstate Insurance,” California Insurance Commissioner John Garamendi said. “Individual privacy is of utmost importance. Consumers place their trust in insurers to protect that privacy according to all ethical and legal standards. Allstate has violated that trust. We will immediately engage Allstate in discussions regarding DMV’s enforcement action against the company.”

A DMV audit at seven of the company’s California claims offices uncovered that Allstate employees had allegedly engaged in numerous violations of the confidentiality requirement of the contract. This included using bogus or nonexistent investigative file numbers to request information from DMV files.

The audits were triggered by a complaint that an Allstate customer’s confidential address had been released, which resulted in a written threat to that person. These audits also uncovered numerous instances where Allstate employees reportedly improperly accessed records of friends, relatives, and others in addition to their own records.

High on the list of violations was the company’s refusal to allow DMV auditors access to Allstate premises as guaranteed by the company’s contract with DMV, and numerous password and security lapses. There were many other types of contract violations, including failure to keep records of address inquiries, application changes, and disclosure violations. The audit also uncovered significant unauthorized use, disclosure, and distribution of the information obtained.

DMV Director Steven Gourley said unauthorized viewing and disclosure of the department’s confidential records is a very serious matter. He asserted he has “a duty and an obligation to assure that no one abuses the public’s right to privacy of confidential record information.”

He added, “While I regret this may present an inconvenience to Allstate’s customers, we must make a strong statement that abuse of the information held by the Department of Motor Vehicles on behalf of consumers will not be tolerated. Allstate can still obtain their customers’ information, but not by electronic means.”

The revocation of Allstate’s electronic access to DMV records will not have any effect on the department’s system for Internet renewal of vehicle registrations. Allstate customers have not been eligible to use that service, because Allstate is the only major auto insurance company that has not signed up with the California DMV for electronic verification of insurance coverage.

This is not the first time the California DMV has revoked a company’s authorization for electronic access to DMV records because of violations.

Was this article valuable?

Here are more articles you may enjoy.