Dallas Police Department/Handout via Reuters

This story has been updated with a statement from the Dallas Police Department, saying it plans to remove the six cases identified by The Washington Post from its online database.

The Dallas Police Department made public the names, ages, and home addresses of some alleged sexual assault victims on an official website, an incident that highlights how the push to put more police records online may also be inadvertently leaving victims exposed.

Dallas police are not alone in revealing the personal data of crime victims on the Internet. Federal Trade Commission chief technologist Lorrie Cranor said departments across the country have been inconsistent in how they scrubbed records as they offer more transparency about their activities in the wake of several high-profile police shootings and other uses of force.

Cranor found a police department that created a database that hid personal information in cases of sexual assault but allowed the names, addresses and ages of victims of other crimes to be published. Others withheld the names of victims but published their home addresses.

“When records are readily accessible and easily searchable, there may be some undesirable consequences,” Cranor wrote in a blog post this week. “Of particular concern is the possibility that people who access open police data may be able to identify crime victims or reveal their locations. For victims of domestic violence and sexual assault, this could put their safety and security at risk.”

Cranor did not mention any departments by name. But a Washington Post review of several new police record databases confirmed Cranor’s findings.

The Dallas Police Department’s online incident database does not appear to have included reports categorized as sexual assaults. In at least six other cases, though, the victim complained of a sexual assault or an attempted sexual assault and the incidents were labelled as “Class C Assault offenses” or simply “Injured Person.” In these cases, the name and age of that victim is listed online. A few times, the home address was included as well.

In one instance, a note says a “suspect sexually and physically assaulted” the alleged victim. Another says an “unknown suspect had unwanted sexual contact with the complainant.” In some cases, the records seem to indicate that the alleged victims received follow-up sexual assault care from the department’s Victim Services unit.

Dallas is one of the cities that committed to a police data initiative launched at the urging of the White House last year. The effort pressed local law enforcement to release data in easily searchable formats. As of last week, more than 50 jurisdictions have signed on and some 90 data sets have already been made public in connection with the program -- but each jurisdiction makes its own calls about what information should be released.

In an emailed statement, Rob Sherwin, the deputy chief at the Dallas Police Department, said, “a full investigation of each incident supports the final classification.” That, in turn, “determines if it will be available on the portal,” Sherwin wrote.

Sherwin added, “The Dallas Police Department does not publicly identify the victims of sexual assault.”

[Shortly after this story was published online on Friday, Sherwin sent another statement saying the reports identified by The Post were in the database due to a "technical error." The Department is currently working "to ensure that any report related to an offense sexual in nature (regardless of final outcome of the investigation) is filtered out of the system," he wrote.]

Kaofeng Lee, deputy director of the Safety Net Project at the National Network to End Domestic Violence said knowing that the names and home addresses of victims will be publicly linked to crime reports may make some less likely to come forward out of fear for their own safety or just a desire to protect their privacy. Even general information about a person’s age, gender and location can make it easy for criminals to identify the victim.

Balancing the desire for greater transparency and the need to protect the privacy of victims can be a difficult issue for the authorities. And some police departments may not have in-house expertise to know which data should be kept anonymous, said Arvind Narayanan, a computer science professor at Princeton who researches privacy issues.

“Depending on what one is looking to release, it can be anywhere from easily doable to impossible,” said Narayanan.

Cranor, the FTC chief technologist, and others addressed these issues at an event at the White House last week. The Department of Justice Office on Violence Against Women and the National Network to End Domestic Violence also plans to pull together a resource aimed at helping police departments balance opening up their crime data with protecting victim’s privacy, according to an administration fact sheet.

But that won’t do much to help victims who can be picked out from the information already released, including those exposed in the Dallas data base.

“Once data is downloaded, even once, the downloader may re-distribute it to others and there may be little or no legal recourse,” said Cranor.