[HN Gopher] State Bar of California addresses breach of confiden...
       ___________________________________________________________________
        
       State Bar of California addresses breach of confidential data
        
       Author : borepop
       Score  : 172 points
       Date   : 2022-02-28 17:02 UTC (5 hours ago)
        
 (HTM) web link (www.calbar.ca.gov)
 (TXT) w3m dump (www.calbar.ca.gov)
        
       | [deleted]
        
       | danso wrote:
       | According to this LA Times [0] story, the records were apparently
       | found on judyrecords.com, a project recently discussed in a Show
       | HN [1]
       | 
       | > _State Bar officials learned about the posted records on Feb.
       | 24. As of Saturday night, all the confidential information that
       | had been published on the website judyrecords.com -- which
       | included case numbers, file dates, information about the types of
       | cases and their statuses, respondent and complaining witnesses
       | names -- had been removed, officials said._
       | 
       | > _...Full case records were not published. Officials said they
       | don't know whether the published information was the result of a
       | hacking incident. Judyrecords.com is a website that aggregates
       | nationwide court case records._
       | 
       | edit: The "Info" link [2] on judyrecords.com has updates related
       | to this event. It asserts that the confidential data was
       | available on the CA Bar's own website:
       | 
       | > _These records were all (confidential & non-confidential)
       | previously publicly available at https://discipline.calbar.ca.gov
       | (now offline)._
       | 
       | [0]
       | https://www.latimes.com/california/story/2022-02-27/californ...
       | 
       | [1] https://news.ycombinator.com/item?id=30399881
       | 
       | [2] https://www.judyrecords.com/info
        
         | coding123 wrote:
         | I thought something was off about that site. It doesn't seem
         | fair or legal to just publish that data like that.
         | 
         | I think in the era of go in and get things things should be
         | "public".
         | 
         | Now in the search engine age and data available at your
         | fingertips we need to entirely change our public records
         | laws... Immediately.
         | 
         | edit: In fact a HN User said this with NO REPLY from the author
         | of that Show HN: I have some records that are sealed, but show
         | up in this database. So there are records that were once
         | 'public' but are no more, but this database makes them public
         | again.
         | 
         | I think that website should be taken offline immediately.
        
           | richardbarosky wrote:
           | It's the first reply.
        
           | 5ESS wrote:
           | Blame the state governments for publishing those records in
           | the first place. Everyone knows that once information is
           | published on the internet there is really no "undo" button.
           | If judyrecords goes down another, perhaps less scrupulous,
           | operator will release another similar site.
        
           | wolverine876 wrote:
           | Without transparency, including public records, how do we
           | hold the powerful accountable? Court records are public to
           | prevent secret government courts from abusing people (among
           | other reasons). How do we operate a democracy, which depends
           | on citizens controlling their country?
           | 
           | And most importantly, who does get access to the records?
           | That exclusive access will give them a lot of power.
        
             | nisegami wrote:
             | >Court records are public to prevent secret government
             | courts from abusing people
             | 
             | Except of course, when "national security" is involved.
        
             | sacrosancty wrote:
             | It's possible to be both not public enough to ruin people's
             | lives and public enough for journalists or concerned
             | individuals to find. In New Zealand, voter registration
             | details are, by law, available to look at but not to copy.
             | Anyone can walk in to a public library anonymously and
             | rifle through the book but the book is chained to the desk
             | and you're not allowed to photocopy it or take photos.
             | Also, it's only present in the local libraries near where
             | the voters live.
        
             | SllX wrote:
             | Something that stuck out to me about that website is that
             | we really do publish a lot. If you ever had a speeding
             | ticket, that's a matter of public record now. If you ever
             | had a parking violation, that's a matter of public record.
             | I mean to be honest, if you just have a car, I can probably
             | find you on that website if I know your name.
             | 
             | Also goes for divorces. By and large I agree with your
             | take, but playing around with the search got me thinking
             | that maybe we just make too much a matter of public record
             | and that some things might just be too noisy, even if it
             | isn't the biggest privacy violation per se. Still mulling
             | it over though, so I can't say I'm committed to that
             | position yet, feel free to talk me back.
        
               | oh_sigh wrote:
               | I have owned a car in NY, FL, and CA, have been married,
               | and have received parking violations in all 3 of those
               | states, and my very unique name is not present at all on
               | that website.
        
               | SllX wrote:
               | Fair. I did search out myself and several others I know.
               | Didn't find myself, but did find out that there's a guy
               | with a very similar name to me (different middle name)
               | that likes to live dangerously in the same State but in
               | several different counties racking up speeding violations
               | like there's no tomorrow.
               | 
               | I was able to find almost every single other person I
               | searched though, chose not to dig into it any further
               | than I could confirm it was someone I actually knew,
               | typically by birth date.
        
               | function_seven wrote:
               | I think their coverage is still spotty. I'm in
               | California, and searched some names I know. The results
               | came from some counties, but nothing from others. Notably
               | I never saw anything from Los Angeles County, but tons of
               | results from San Bernardino County.
               | 
               | My own name brought up a couple tickets. In 2014 I got a
               | cell phone ticket. There's something kind of funny seeing
               | an all-caps official document explaining that THE PEOPLE
               | OF THE STATE OF CALIFORNIA were all arrayed against me!
               | :)
        
               | mistrial9 wrote:
               | there are at least six adults in the USA with my same
               | first and last name, who are professionals and middle-
               | aged .. one of the others died of a drug overdose, and
               | looks a bit like me!
               | 
               | new world now
        
               | ghaff wrote:
               | AFAIK, a parking ticket would be written against a
               | car/license plate. Obviously that can be attached to a
               | registration if the ticket is unpaid but it's not clear
               | to me that a record of the violation would necessarily
               | have the name attached in the record.
        
               | wolverine876 wrote:
               | I agree there are limits; there are no absolutes in
               | anything. We don't have absolute free speech: you can't
               | slander, commit fraud, conspire to commit a crime, incite
               | a deadly stampede, etc.
               | 
               | I think the main concern is that the more powerful the
               | actor (e.g., government is very powerful) the more
               | important transparency is, and the more vulnerable the
               | actor, the more important privacy is.
               | 
               | For example, if an Apple (picking a random company)
               | employee complains to authorities about dangerous working
               | conditions, that employee may be very vulnerable - Apple
               | could blacklist them; other businesses, if they learned
               | of the complaint, could do the same, not wanting a
               | 'troublemaker'. And that employee may be financially
               | vulnerable, needing the job; their privacy should be
               | maintained if possible. But Apple and the government are
               | both powerful and there should be transparency about the
               | working conditions, investigation, and outcome.
        
               | SllX wrote:
               | So what's the limiting principle you would use? That's
               | the problem. I no more care about Apple's speeding
               | violations than I do Joe Schmo's, but I probably do care
               | about whether Joe here has a criminal history if I'm
               | interviewing him, and the nature of that history.
               | 
               | You could go by legal entity, just make lawsuits
               | involving corporations public, and lawsuits between
               | individuals private: but while Apple might have global
               | influence, your rich and litigious neighbor in a rural
               | county is probably a more immediate concern to you. Also
               | individuals can sue corporations and corporations can sue
               | individuals.
               | 
               | I'm still inclined to think court records should stay
               | public, but I'm now more interested in seeing if there's
               | a kind of filter we can put on what we make public than I
               | was two weeks ago.
        
               | rhacker wrote:
               | With your same example though, now this employee is
               | listed in a bunch of Apple lawsuits and will be unable to
               | ever get a job again because of this kind of search
               | engine.
        
           | mistrial9 wrote:
           | please recall a basic motivation for the formation of the
           | United States of America, versus the Kingdom of Britain under
           | George III. In the legal system of Britain, all Crown records
           | are SECRET unless cleared. Under the Federal Laws of the USA,
           | all Federal records are PUBLIC unless classified.
           | 
           | get the idea?
        
           | ejb999 wrote:
           | >> we need to entirely change our public records laws...
           | Immediately.
           | 
           | I am certain that many people in government would agree with
           | you - they would LOVE to be able to hide what they are doing
           | and not be held accountable for decisions they make (or don't
           | make). We need more public disclosures, not less, imo.
           | 
           | >>So there are records that were once 'public' but are no
           | more, but this database makes them public again.
           | 
           | This website didn't make them public, they just gave others a
           | way to access them - once something is public, and in control
           | of others, it is impossible to make them 'un-public' without
           | violating the 1st amendment.
        
             | TedDoesntTalk wrote:
             | > once something is public, and in control of others, it is
             | impossible to make them 'un-public' without violating the
             | 1st amendment.
             | 
             | I do not think that is accurate.
        
               | lazide wrote:
               | Can you be more specific?
               | 
               | How do you propose someone could stop someone from
               | releasing a record they acquired publicly, exactly?
               | 
               | Seize it? Prohibit someone from saying something they
               | found out via a public route on penalty of fine or
               | prison?
        
               | verve_rat wrote:
               | Um, yes? Courts can issue injunctions to stop people from
               | publishing material they have. If they breach the
               | injunction they can go to jail, or have some other
               | penalties imposed.
               | 
               | Even in the US there are limits on free speech. A judge
               | would weigh 1st amendment rights vs other considerations,
               | but there are limits. Yelling fire in a theatre and all
               | that.
        
               | lazide wrote:
               | Which works if it is 1 document, or one publisher, so
               | someone can do the paperwork and a judge can handle it.
               | 
               | And does infringe their 1st amendment rights, by the way.
               | 
               | And if it's a million documents and the publisher is
               | everyone who got a torrent done in the months before the
               | injunction?
        
               | TedDoesntTalk wrote:
               | No one is talking about the reality of removing a million
               | sources from the internet. We're talking about the legal
               | consequences and 1st amendment rights of individuals.
               | 
               | You do not have a 1st amendment right to post, for
               | example, classified documents or protected intellectual
               | property. If you post those things, even if 2,000 people
               | posted them before you, the law can still come down on
               | you.
        
               | salawat wrote:
               | You absolutely do have a right to post classified
               | documents if you come across them, but have not attained
               | a security clearance.
               | 
               | There's definitely a massive "should" aspect there,
               | however, the courts will protect you in that case. The
               | one who got them for you, or if you committed a crime in
               | acquiring them however...
               | 
               | That is a different story.
        
               | lazide wrote:
               | We aren't talking about any of those things - we're
               | specifically talking about public records however.
        
             | djbusby wrote:
             | What's the point of sealed records then? How would that be
             | managed? We should let citizens have some privacy right?
        
               | ejb999 wrote:
               | If they were sealed, they shouldn't be made public until
               | they become unsealed (if ever) - but if they were public
               | at some point, they are for all intents and purposes
               | public forever. Very hard to make something private,
               | after it has been out in the public.
        
               | thrashh wrote:
               | Plenty of things become super hard to find after no one
               | cares about it anymore. High profile cases aren't like
               | that but most things are not high profile.
               | 
               | Just because you can't make something 100% perfect
               | doesn't mean you shouldn't try. Locks aren't unbreakable.
               | Seatbelts won't always save you. Your cloud service won't
               | always stay up. Yet we use and build all these things and
               | no one has an issue with it.
               | 
               | And for all intents and purposes, if court records are
               | meant to be hidden to protect someone's future chance of
               | success, by all means we should do what we can.
        
             | flutas wrote:
             | > I am certain that many people in government would agree
             | with you - they would LOVE to be able to hide what they are
             | doing and not be held accountable for decisions they make
             | (or don't make). We need more public disclosures, not less,
             | imo.
             | 
             | Agreed 100%, a local court has been making precedents with
             | that and...it's unnerving.
             | 
             | https://www.thv11.com/article/news/politics/routine-gag-
             | orde...
        
         | sva_ wrote:
         | Let me guess... judyrecords.com collected these by iterating
         | over some chronological id that didn't properly check if
         | someone has read rights.
         | 
         | edit: would love to check, but[0]
         | 
         | > The State Bar Court Portal will be unavailable from February
         | 25th to February 28th due to maintenance activities. During
         | this time the Case Search and Court Calendar functionality will
         | not be available.
         | 
         | [0] https://apps.statebarcourt.ca.gov/dockets.aspx via
         | https://www.statebarcourt.ca.gov/Public-Records-Information
        
       | gnicholas wrote:
       | On a related note, the California Bar website employs dark
       | patterns that mislead members into paying inflated annual dues.
       | 
       | When you renew your membership, there are a variety of addon
       | payments you can opt into by checking boxes for these items.
       | Then, on a later page, there are various addon payments that you
       | have to opt out of.
       | 
       | Making things even trickier, these aren't pre-checked boxes,
       | which might lead the user to realize he needs to uncheck them.
       | Instead, there is a list of "adjustments" with a dropdown menu
       | for each. The dropdown defaults to "none", which would lead users
       | to think that they are not paying for an extra item. But when you
       | click on the dropdown, you see the option to "deduct $x" if you
       | don't want to pay the additional fee.
       | 
       | I've never seen a dark pattern like this anywhere else. Perhaps
       | the folks who run the calbar website could spend less time
       | finding ways to trick members into overpaying and more time
       | securing private information.
        
         | calrizien wrote:
         | I noticed this too while trying to renew my bar dues. It's so
         | devious. It degrades the whole profession when the gatekeeper
         | is obviously trying to scam you.
        
           | robertlagrant wrote:
           | It's a sad day when you realise most things are like this.
        
           | gnicholas wrote:
           | And it's been this way for at least two years. This isn't an
           | innocent fleeting mistake.
        
       | bastardoperator wrote:
       | Surprised this site isn't managed by CDT (https://cdt.ca.gov/)
        
       | [deleted]
        
       | adolph wrote:
       | Apparently the State Bar has been breaking the law.
       | 
       |  _The State Bar announced today that it is taking urgent action
       | to address a breach of confidential attorney discipline case data
       | that it discovered on February 24. A public website that
       | aggregates nationwide court case records was able to access and
       | display limited case profile data on about 260,000 nonpublic
       | State Bar attorney discipline case records, along with about
       | 60,000 public State Bar Court case records. The site also appears
       | to display confidential court records from other jurisdictions._
       | 
       |  _Under California Business and Professions Code 6086.1(b), all
       | disciplinary investigations are confidential until the time that
       | formal charges are filed, and all investigations are confidential
       | until a formal proceeding is instituted._
       | 
       |  _The nonpublic case profile data from the State Bar appears to
       | have been displayed on this public website in violation of this
       | statute. It includes case number, file date, case type, case
       | status, and respondent and complaining witness names. It does not
       | include full case records. We do not yet know how many attorney
       | or witness names were disclosed._
        
         | akira2501 wrote:
         | Is displaying those records in public the violation of the
         | statute? Or was it merely allowing the documents out of their
         | control? Such that.. now they're out, does the website actually
         | have any obligation to follow the "Business and Professions
         | Code?"
        
       | user3939382 wrote:
       | This is probably a stupid question to those who work with these
       | concepts often: can all the user data in the DB be hashed with
       | the user's password so that nothing is gained from a breach? Is
       | this mostly a CPU resource problem or would jwt
       | architecture preclude that from working? (I haven't built auth
       | systems for several years)
        
         | johnmarcus wrote:
         | The data is read by more than one person, so this likely
         | wouldn't work.
         | 
         | Also, I'm not sure this is an actual breach. I think they
         | accidentally published the data themselves, that's the vibe I'm
         | getting from reading between the lines. It's like the code
         | maybe missed checking a flag that would exclude private records
         | from showing.
        
         | mwint wrote:
         | Hashing would make the content irretrievable; something like
         | XORing with the password would make the password recoverable if
         | you know the content.
        
           | entelechy0 wrote:
        
           | krisoft wrote:
           | XORing with the password sounds just splendid :D Caesar is
           | asking for his cipher back.
           | 
           | That method wouldn't stop a determined 12 year old, let alone
           | a competent attacker. Please use a properly engineered and
           | implemented encryption instead of coming up with harebrained
           | schemes.
        
         | jaywalk wrote:
         | The reason we can store and use password hashes is because the
         | user provides their password every time they login. So we hash
         | the password they provided at login and compare that to the
         | hash that was stored.
         | 
         | We can't determine what their password is based on the hash
         | alone, which is why we couldn't hash all the user data in the
         | DB with their password and store that.
        
         | rahimnathwani wrote:
         | Most systems store data to which more than one user needs
         | access.
         | 
         | Most systems will restore access for a user who forgot their
         | password.
        
         | stingraycharles wrote:
         | You could encrypt it with the user's password instead (rather
         | than hashing it). This is also the approach taken by e.g.
         | password managers, they use your password as a seed for
         | encrypting all your data.
         | 
         | The problem is that this would make the database entirely
         | inaccessible unless you have access to the password. That
         | creates quite a lot of friction in the user experience, the
         | user would have to provide his password on every interaction
         | (ie not just when logging in).
        
           | Ajedi32 wrote:
           | Users wouldn't need to provide their password on _every_
           | interaction; just when logging in. The browser could save a
           | derived decryption key in a cookie or local storage and use
           | that to persist the session.
           | 
           | We're basically just discussing end-to-end encryption.
           | 
           | The real reason it's not done more often is that it makes a
           | lot of things way more complicated from a
           | development perspective. Features like "allow users to send
           | messages to each other" that would normally be really simple
           | to implement suddenly require a whole public key
           | infrastructure and logic to take into account edge cases like
           | "What if the user got a new phone or changed their password
           | and was offline when the message was sent?", or onerous
           | threat models like "What if the server is controlled by an
           | attacker when I sign-in?"
        
             | kelseyfrog wrote:
             | Not exactly following. Couldn't DMs simply not be E2E
             | encrypted while maintaining encryption for personal info?
        
               | Ajedi32 wrote:
               | End to end encrypted with what key? What if the user
               | changed their password? What if they got a new phone?
               | What if the server is only _pretending_ the user got a
               | new phone to trick you into leaking your messages?
               | 
               | All of those problems are solvable, but "simply" is
               | hardly the word I'd use to describe designing a secure
               | end-to-end encrypted application. It's way, _way_ more
               | development effort than just "hash user passwords with
               | bcrypt and don't allow access without the password",
               | which is why it's rarely done unless E2E encryption is a
               | major selling point of the application.
        
               | kelseyfrog wrote:
               | Sorry, still not following. I wrote not E2E encrypted.
               | I'm struggling to understand why messages that are not
               | E2E encrypted would require key management.
        
               | Ajedi32 wrote:
               | Sorry, misread.
               | 
               | Yes, you could symmetrically encrypt the _tiny_ portion
               | of personal data that needs to be read _solely_ by you
               | without much added complexity.
               | 
               | However, with few exceptions (password managers, backups,
               | personal notes, etc), the whole point of uploading data
               | to an online service is to allow it to be shared with
               | other people or services. Once that happens, you need all
               | those complicated key management and security systems I
               | just talked about. It's effectively end-to-end
               | encryption.
        
         | willcipriano wrote:
         | That would seem to only work if the user would only be
         | interested in records created by themselves or that were
         | explicitly shared with them. When sharing both users' passwords
         | would have to be stored somewhere, either that or the raw
         | content so that it could be reencrypted.
         | 
         | Private key cryptography would be better, maybe encrypt a
         | private key with a password and store that along with the
         | public?
        
         | d4mi3n wrote:
         | There's a concept similar to what you're describing called
         | crypto-shredding[1]. Hashing isn't a good way to ensure the
         | confidentiality of data--just the authenticity--you really want
         | to prefer a solid cryptographic algorithm if your goal is to
         | ensure data remains confidential.
         | 
         | The idea behind crypto shredding is that you have a
         | cryptographic key for each entity in your system and you use
         | that key to encrypt all fields for a given record. When it comes
         | time to delete that data, you simply discard the key used to
         | encrypt it. Assuming you've used reasonably good cryptography,
         | this data is now effectively gone.
         | 
         | This is useful in cases where:
         | 
         | * You need to support the right to be forgotten (as defined in
         | the CCPA[2] or GDPR[3]), since all you need to do to "delete" a
         | user's data is to delete the key used to encrypt.
         | 
         | * The data you need to delete exists across multiple data
         | stores/applications/environments and ensuring consistency for
         | the deletion across all these places is difficult. For example:
         | You may have DB backups, long-lived caches, or 3rd party
         | services/vendors that may have copies of this data.
         | 
         | * You want to discard some, but not all, of a user's data. This
         | is important in cases you're required by law to retain specific
         | kinds of information even after a person has required its
         | deletion. For example, banking and finance companies are
         | required to keep specific records about who they sent money to
         | or performed services for.
         | 
         | 1. https://en.wikipedia.org/wiki/Crypto-shredding
         | 
         | 2. https://www.oag.ca.gov/privacy/ccpa
         | 
         | 3.
         | https://en.wikipedia.org/wiki/General_Data_Protection_Regula...
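
Crypto-shredding as described in the comment above, shown as an added example that is not part of the thread or any commenter's code: one AES-256-GCM key per (entity, category), so a user's profile data can be shredded while legally retained records stay readable, and a ciphertext copy left in a backup becomes unrecoverable. The `KeyStore` type, the entity and category names and the sample values are assumptions made for illustration, and an in-memory map stands in for a real key-management service.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// ErrShredded is returned when no key exists for the requested data.
var ErrShredded = errors.New("key shredded: ciphertext is unrecoverable")

// keyID names one data-encryption key. Keys are per (entity, category) so
// part of an entity's data can be shredded while the rest stays readable.
type keyID struct{ Entity, Category string }

// KeyStore is the only place keys live. Assumption: in production this is a
// KMS/HSM kept out of database backups; here it is an in-memory map.
type KeyStore struct{ keys map[keyID][]byte }

func NewKeyStore() *KeyStore { return &KeyStore{keys: map[keyID][]byte{}} }

// keyFor returns the key for id. A missing key is only created on the
// encrypt path; on the decrypt path it is reported as shredded.
func (ks *KeyStore) keyFor(id keyID, create bool) ([]byte, error) {
	if k, ok := ks.keys[id]; ok {
		return k, nil
	}
	if !create {
		return nil, ErrShredded
	}
	k := make([]byte, 32) // AES-256
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	ks.keys[id] = k
	return k, nil
}

// Shred zeroes and discards the key. Every copy of the ciphertext, including
// copies in backups or caches, is unreadable from this point on.
func (ks *KeyStore) Shred(entity, category string) {
	id := keyID{entity, category}
	for i := range ks.keys[id] {
		ks.keys[id][i] = 0
	}
	delete(ks.keys, id)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// aad binds a ciphertext to its row and column so it cannot be moved elsewhere.
func aad(entity, category, field string) []byte {
	return []byte(entity + "\x00" + category + "\x00" + field)
}

// Encrypt seals one field and returns nonce || ciphertext || tag.
func (ks *KeyStore) Encrypt(entity, category, field string, plaintext []byte) ([]byte, error) {
	key, err := ks.keyFor(keyID{entity, category}, true)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad(entity, category, field)), nil
}

// Decrypt opens a blob produced by Encrypt; it fails once the key is shredded.
func (ks *KeyStore) Decrypt(entity, category, field string, blob []byte) ([]byte, error) {
	key, err := ks.keyFor(keyID{entity, category}, false)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad(entity, category, field))
}

func main() {
	ks := NewKeyStore()
	// Constructed sample data, not taken from the thread.
	email, _ := ks.Encrypt("user-42", "profile", "email", []byte("alice@example.test"))
	payment, _ := ks.Encrypt("user-42", "ledger", "payment", []byte("wire 100.00"))
	backup := append([]byte(nil), email...) // copy sitting in an old DB backup
	ks.Shred("user-42", "profile")          // "right to be forgotten" request
	_, err := ks.Decrypt("user-42", "profile", "email", backup)
	fmt.Println("profile from backup:", err)
	pt, err := ks.Decrypt("user-42", "ledger", "payment", payment)
	fmt.Println("retained ledger record:", string(pt), err)
}
```

The guarantee only holds if the key store itself is never copied into the same backups as the ciphertext.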
        
       | ejb999 wrote:
       | Doesn't sound like a breach to me - sounds like the state bar
       | association inadvertently gave out the information, and now they
       | are looking for someone to blame - someone else that is.
        
         | 5ESS wrote:
         | It wasn't a breach. Those records were publicly available. It's
         | a shame the site's operator complied with the takedown request.
         | Unfortunately that's what happens when you use a US hosting
         | provider and domain. In the interest of transparency, site
         | operator should consider migrating the site to a provider
         | outside of US jurisdiction and/or making torrents of the record
         | data that can't be simply taken down.
        
           | LordDragonfang wrote:
           | >Those records were publicly available.
           | 
           | The very first paragraph of the article seems to contradict
           | that. Do you have a source that says otherwise?
        
             | [deleted]
        
             | ejb999 wrote:
             | According to the Bar website:
             | 
             | >>>The site owner (of judyrecords) claims that the State
             | Bar's confidential and public case records were all
             | previously available at a public URL. Is this true?
             | 
             | >>>The State Bar Court website allows the public to search
             | for publicly available case information. The extent to
             | which the external aggregating website was able to obtain
             | nonpublic information that was stored in the Odyssey case
             | management system is still being investigated.
             | 
             | I am inclined to believe judyrecords, until proven
             | otherwise.
        
               | 5ESS wrote:
               | It's pretty gross that they won't admit they made a
               | mistake and instead choose to mislead the public using
               | deceptive language.
        
               | ejb999 wrote:
               | Yep, not unlike the other recent story where someone
               | scraped a website and ended up pulling in SSN's and other
               | personal information that was on the page, but not
               | visible (but in the html) - and then the government
               | threatened to prosecute the person who reported the
               | problem.
               | 
               | A perfect example why MORE public information is better
               | than less.
        
               | aksss wrote:
               | Well, it's the CA state bar - it's the den for all the
               | lawyers in a juggernaut state. Misdirection through
               | deceptive - sorry _persuasive_ - language is literally
               | what a goodly number of them do every day for a living.
        
             | dahfizz wrote:
             | > Was this a hack? And how did this happen?
             | 
             | > We do not know yet. The State Bar's Odyssey case
             | management system software vendor, Tyler Technologies, has
             | been tasked with investigating what happened, taking the
             | steps needed to rectify the breach, and ensuring something
             | similar does not happen again. The State Bar also retained
             | a team of IT forensics experts to assist in our
             | investigation.
             | 
             | > The site owner claims that the State Bar's confidential
             | and public case records were all previously available at a
             | public URL. Is this true?
             | 
             | > The State Bar Court website allows the public to search
             | for publicly available case information. The extent to
             | which the external aggregating website was able to obtain
             | nonpublic information that was stored in the Odyssey case
             | management system is still being investigated.
             | 
             | It sounds extremely likely that the state bar had a website
             | misconfigured, and the automated systems of the aggregation
             | site sucked down all the data it was technically (but not
             | legally) given access to.
             | 
             | https://www.calbar.ca.gov/About-Us/News/Data-Breach-Updates
        
           | wslack wrote:
           | It's still a breach if an org misconfigures an API, allowing
           | more records to be available than was intended.
        
             | uoaei wrote:
             | _Mens rea_ is honestly a mistake.
             | 
             | I don't care what the org "intended" to do. The org assumed
             | the responsibility of providing an API and with it the
             | responsibility of securing private data. They failed and
             | should be held culpable.
             | 
             | Boeing doesn't call it a "cyberattack" when their altitude
             | control systems fail because of poor design.
        
       | reset-password wrote:
       | Why is it so impossible for these people/organizations to accept
       | that they made a mistake and own up to it? The entire response by
       | the State Bar of California is nothing but a deflection of blame
       | that rests solely on themselves and their chosen vendor(s).
       | 
       | What are they going to do next, call Missouri's governor and ask
       | for the playbook to follow? The humans behind the scenes at the
       | bar are looking incredibly pathetic here.
        
         | duped wrote:
         | There may be liability attached. But this reads more like "a
         | lot of data that we assumed to be private, and legally must be
         | kept private appeared on a website. Here's everything we know
         | and the steps we have taken." Essentially what happens when
         | there's a screw up and lawyers get consulted about how to
         | disclose it.
        
         | sva_ wrote:
         | > _Why is it so impossible for these people/organizations to
         | accept that they made a mistake and own up to it?_
         | 
         | Maybe they accept it, but just don't admit to their mistake.
         | Seems to be a growing trend, unfortunately. Perhaps the result
         | of a society who more and more punishes people for admitting to
         | their mistakes, rather than rewarding them for admitting to it
         | and learning from it.
         | 
         | It's very sad to me, that this seems to be getting so much more
         | common.
        
           | [deleted]
        
         | dogleash wrote:
         | >Why is it so impossible for these people/organizations to
         | accept that they made a mistake and own up to it?
         | 
         | It's the bar. Of all the organizations to respond like lawyers
         | covering their own asses as hard as possible, you have to
         | expect this one.
        
         | xbar wrote:
         | Agreed.
         | 
         | Closing with "Law enforcement has been notified" doubles down
         | on "we published everything but maybe if we can get somebody
         | charged for a bogus crime then we won't look so stupid."
        
         | KarlKemp wrote:
         | They are lawyers. "Pathetic" is the after-shave they use.
         | "Liability" is the nickname for the kid they secretly loathe.
         | "Blame" is a verb.
        
       | cyral wrote:
       | > We apologize to anyone who is affected by the website's
       | unlawful display of nonpublic data
       | 
       | Sounds like Missouri teachers SSN leak again... The website that
       | judyrecords scraped, discipline.calbar.ca.gov, contained all of
       | these "nonpublic" records for anyone to see.
        
         | stefan_ wrote:
         | It can be legal for you to scrape something yet very illegal to
         | reproduce it.
         | 
         | This applies even more when the site you scraped didn't have
         | permission to show the data in the first place. Their mistake
         | does not rise to be your permission; if it was my data, I would
         | have as much a claim against you as them. "The software did it"
         | is not an excuse.
        
           | robertlagrant wrote:
           | The software didn't do it, indeed. The custodians of the data
           | who allowed private data to be made public did it.
        
           | cyral wrote:
           | I'm assuming the owner of this site has permission to
           | reproduce court documents from each source, generally these
           | types of documents are public record and can be reposted. It
           | sounds like whoever configured this portal where the public
           | can view documents misconfigured it and allowed for private
           | documents to be shown, without any indication that they were
           | supposed to be private.
        
       | tossitafter wrote:
       | I used judyrecords to check myself after it was posted here. I
       | had a charge from over a decade ago listed as a felony that had
       | been reduced to a misdemeanor. The state system shows as a
       | misdemeanor. I paid good money to an attorney for a misdemeanor.
       | I'm not sure why judyrecords shows it as a felony, and it has me
       | wondering about the effectiveness of my legal defense.
       | 
       | edit: If you're wondering if I'm a hardened criminal with a wake
       | of victims left behind, the answer is no. I was 22 and got caught
       | in the midwest with an ounce and a half of cannabis. This
       | website, as far as I'm concerned, is displaying inaccurate
       | information about me that could have serious negative
       | consequences for myself.
        
         | duped wrote:
         | Just spitballing, it's just a dump of records. They might have
         | records for your arrest, arraignment, charge, plea, whatever
         | (not sure what's in your state). When I was looking through it,
         | it didn't seem like a comprehensive or organized set of
         | documents by case.
         | 
         | You might want to check with a more thorough source, like a
         | criminal background check agency.
        
       ___________________________________________________________________
       (page generated 2022-02-28 23:00 UTC)