47 names of clergy abuse victims part of accidental email leak
A clergy abuse victim who participated in the Philadelphia Archdiocese's independent compensation program for survivors is alleging that the confidentiality of nearly 50 other victims was compromised when the program administrator mistakenly sent the individual an email in 2019 with the names of participants from another diocese's program.
Since October 2016, Kenneth Feinberg and Camille Biros, national mediation experts who managed the compensation payouts to victims of the Sept. 11 attacks and the Boston Marathon bombing, have partnered with Catholic dioceses throughout the country to implement voluntary programs where victims pursue their claims outside of court.
Victims whose cases fall outside the statute of limitations are allowed to seek compensation under these programs, which often rely on a lower standard of evidence than court proceedings.
If the victim agrees to compensation, they are guaranteed that their information will remain confidential and they waive their right to pursue further litigation. Among the dioceses participating in similar programs, which are quickly becoming the standard model for handling abuse payouts, are the archdioceses of New York, Los Angeles, and Newark, New Jersey.
The Philadelphia program, known as the Independent Reconciliation and Reparations Program, was initiated in 2018 and as of this spring has had more than 600 claimants come forward. Among those participants was an individual who on Aug. 23, 2019, received an email from Biros listing the names of 47 claimants in the Pittsburgh Diocese's compensation program.
The email included the names of 45 individuals who had been deemed eligible to participate in the program and two others whose abuse was perpetrated by religious order members, not priests of the Pittsburgh Diocese.
Upon receiving the email from Biros, the participant — who has requested anonymity due to the promised confidential nature of the program — informed the Feinberg Law Group of the error but was unsatisfied with the response. The person told NCR they were not guaranteed that the victims whose identities had been disclosed would be informed of the error.
Lynn Shiner, the victim support facilitator for Philadelphia's program, confirmed to NCR that the victim reached out to her with concerns that she had been the unintended recipient of an email that compromised the identity of the victims.
Shiner said she referred the victim to Judge Lawrence Stengel, a former chief judge for the U.S. District Court for the Eastern District of Pennsylvania who served on the program's Independent Oversight Committee.
Stengel met with the victim and the victim's siblings, who were also reconciliation program participants, on Dec. 23, 2019. He told NCR that he commenced his own investigation into what had occurred.
"The concern was whether there were systemic problems with security of the names of people who made claims in the Philadelphia program," Stengel said by phone. "That's what we wanted to look into, as well as the circumstances of this communication containing names of claimants from another program."
"Camille Biros explained that she was sending an email to a team member and the address auto-populated" with the victim's name, Stengel continued. "She simply didn't catch that and it was a one-off auto-population mistake which she freely acknowledged."
Stengel said the committee was satisfied that there was not a systemic issue with the way data was being handled and that he informed the lawyers for the Philadelphia Archdiocese of the incident and the committee's conclusion.
In an email, Biros categorized the incident as "pure and simple human error."
"There was no detail[ed] information about these individuals and there were no attachments to the email," she said. "It was a list of potential claimants contained in the body of the email with no additional information. There was no data breach. No hacker entered our sy...