> government is not one entity and it is perfectly possible for one sub-entity to have certain data and for another not to be able to have that same data

Sure. Again, we agree. What I’m pushing back on is the notion that it was inappropriate for any branch of the government to have these data, or that any of this has anything to do with private dragnets.

They’re addresses. This isn’t a possession problem, it’s one of access.

> the USA does not have the equivalent of a GDPR

You could have super GDPR that bans all private dragnets and HHS would still have home addresses. This is a Privacy Act and HIPAA problem.