By Gabe Roth, FTC executive director

Four years ago, Free Law Project founder Mike Lissner wrote a post on his site titled, “PACER and CM/ECF are a Threat to National Security and Must be Urgently Overhauled.”

That missive came a few months after the U.S. Courts admitted its case management and public records systems (CM/ECF and PACER, respectively) were hacked as part of the Solar Winds breach of 2020.

The response? Having documents categorized as “highly sensitive court documents,” or HSDs, filed in paper form or via thumb drive and not uploaded to CM/ECF. (Not awful from a transparency perspective since, per the U.S Courts, “sealed records” — some of which the hackers are thought to have accessed — “are confidential and currently are not available to the public.”) Was that merely a temporary patch or a long-term fix?

If you guessed the former, you’d be correct.

Earlier today, per Politico, we learned that the courts’ records system was the victim of another major hack, with the judiciary once again saying it was “taking additional steps to strengthen protections for sensitive case documents,” though this time without further explanation.

The key sentence in the judiciary’s press release, from my perspective, was the next to last one, which noted that “safeguarding legacy systems poses a particularly difficult challenge.” Exactly. But there shouldn’t be a “legacy system” containing a billion court documents to begin with.

We need a new, modern, agile, secure court records and case management system — one that’s envisioned by a bipartisan bill called the Open Courts Act, which was introduced in 2020 and 2022 and, we’d wager, will again be introduced later this year.

The hack is a wake-up call — first to the third branch, confirming that its patchwork solutions aren’t working, and second to Congress, which has had the solution to this problem under its nose for quite some time.