California Republicans want audit of state's Justice Dept. gun owner data leak

A group of Republican state lawmakers are calling for a state audit of the California Department of Justice in the aftermath of a June data leak that exposed the personal information of Concealed Carry Weapon permit holders and other gun purchases in the state.

On June 27, the California Department of Justice published the personal information – including full names, addresses and driver's license numbers – of thousands of Concealed Carry Weapon (CCW) applicants in an update to its Firearm Dashboard Portal. The state DOJ was "made aware of a disclosure of personal information that was accessible in a spreadsheet on the portal," according to the attorney general's office.

The portal featured information on gun purchases and concealed carry license holders, as previously reported by The Center Square. The database was taken down within 24 hours of being published.

Following the leak, the California Department of Justice confirmed that the leak exposed personal information of those who were either granted or denied concealed carry permits between 2011 and 2021. Attorney General Rob Bonta said he was "deeply disturbed and angered" by the data leak and launched an internal investigation.

Assemblymember Jim Patterson, R-Fresno, called the data leak "horrendous" during a news conference Tuesday, adding that it is estimated more than 200,000 Californians were impacted. Patterson and more than a dozen other Republican lawmakers sent a letter to the Legislature's Joint Legislative Audit Committee on Tuesday requesting an emergency audit of what happened during the breach "so we can ensure that immediate reforms are implemented to restore public trust."

"It is inconceivable to me how something like this can actually happen," Patterson said during a news conference Tuesday. "There is no more private information that the state DOJ and Attorney General has in their possession than information about people who thought themselves at serious enough risk that they were able to demonstrate an outright need for a CCW permit and to receive it. Then to have that privacy betrayed by the very department that collected the information is really a question of how did we get here, how serious is this and we need independent eyes."

Patterson, a member of the Joint Legislative Audit Committee himself, said he is requesting an emergency audit to investigate the data leak. Under committee rules, an emergency audit request can be approved with "the concurrence of the Chair and Vice Chair" if the request is under $190,000. If any committee member objects to an approved audit request within five days, the audit is placed on hold until the next regular committee meeting, according to the rules.

Because of the cost limit, Patterson wrote that the State Auditor could "modify and decrease the scope of this audit as necessary" to stay under the cost limit.

Assemblymember Rudy Salas, chair of the Legislative Audit Committee, did not respond to a request for comment from The Center Square regarding the audit request.

Through the audit, lawmakers want to know how many Californians were impacted by the breach, if steps were taken to notify individuals following the data leak, and if the DOJ is complying with rules and regulations related to data protection.

"If anything that a state department has done should require an audit – independent, eyes from the outside, with no agenda – and the tools to discover what really went on, this is it," Patterson said.