County level security breaches aiding ID
thieves, stalkers and terrorists.
David Bloys - News
for Public Officials
Updated Oct 15 2012
County Websites across the country contain millions of
searchable records brimming with all the ingredients identity thieves,
stalkers, and terrorists need to steal your identity, stalk your
children, or target American infrastructure.The problem pits County officials, their constituents,
and companies hoping to profit from the digitized records against each other.
A virtual mall for identity thieves
Recently, Monica Hatcher with the Miami Herald
wrote a report on how County
Websites facilitate identity thieves. Hatcher begins her study by
determining just how easy it is for anyone, from anywhere, to gather
sensitive information on Florida residents. Using Websites offered by two
County Clerks, (Miami-Dade and Broward), a quick search revealed the
Security numbers of several notable citizens including, Miami Heat
center Alonzo Mourning, Miami Herald publisher Jesús Díaz Jr. and Dolphins
defensive end Jason Taylor. Florida is home to some of the most liberal
Public Records laws and counties there were among the first to publish the
sensitive documents online.''The government down there is spoon-feeding criminals
all over this world,'' said B.J. Ostergren, a Virginia-based privacy
advocate who has brought national attention to the security threat posed by
online records. ``What they should have done was make the clerks and
recorders close down the websites until they finished redaction.''
In 2010, B.J. Ostergren,
founder of the The Virginia
Watchdog uncovered the Social Security numbers of Florida Governor Jeb
Bush and his wife on the Miami-Dade County Website.
Since 2002, the Florida clerk's offices began
personal information in the documents when the affected individual submits a
written request. How many people know about the option is unknown. The
Governor exercised his right only last year.
While other sensitive
information about the Florida Governor and his family remains on the County
Website, the Bush's Social Security numbers have been removed.
It was too little, too late. Today, the numbers are available on Websites
all over the world. This information combined with information still
available on the county Website is all an identity thief would need to take
control of the Governor's identity.
Actually, depending on what an
identity thief has in mind, criminals may have little need for anything
EXCEPT what is available after
expensive redaction efforts. A Social Security number might be handy, but it
is not necessary for many of the most damaging kinds of of identity theft.
Deed fraud, for example, is
rampant in Florida and spreading across the country as more counties go
online. County records displayed on the Internet provide everything a
criminal needs to steal your home. It is as easy as clipping an image of an
old signature and current notary seal from the County Website and pasting
them onto a bogus deed or mortgage. The fraudulent deed can then be filed
with the county by courier, mail, or in some cases online.
If you are thinking title insurance will protect you, think again. Title
insurance guarantees that there are no fraudulent deeds at the time you buy the
property but offers no protection when someone assumes your identity to sell
your property. Victims are on their own and will have to go to court to
prove they are the rightful owners. Identity thieves aren't
the only criminals that have learned how easy is to anonymously exploit the
so-called "Public Records".
A 'stalker's paradise'
In 1999 Liam Youens used information he found on a
Website to stalk and murder Amy Boyer, a woman he had been obsessed with
since Junior High School.Youens last entry on his Website before murdering
Amy was, “I found an internet site to do that, and to my surprize (sic)
everything else under the Sun. Most importantly: her current employment.
It's accually (sic) obsene (sic) what you can find out about a person on the
Despite their relative value to some identity thieves, privacy advocates
believe Social Security numbers are not the most potentially damaging
information available from online Public Records. Stalkers can gain an advantage
over their victims using information gained from state and county Websites.
Two weeks after the young woman's funeral, identity thieves
used the dead woman's identity to run up several thousand dollars in credit card
debt.Long before Amy's murder,
1989 murder of TV actress Rebecca Schaeffer in California was attributed to the easy access to digitized
Department of Motor Vehicle records in California. Shaeffer's murder
sparked Federal Legislators to pass the Driver's Protection Act. The law
targets anyone who "knowingly obtains, discloses or uses personal
information from a motor vehicle record," and makes it illegal for
companies to buy driver records from state governments.
Earlier this year, Fidelity
Federal Bank & Trust of West Palm Beach agreed to pay a $50 million in a
class-action lawsuit for buying 565,600 names of motorists from
the Florida Department of Highway Safety and Motor Vehicles from 2000 to
2003. Fidelity Federal paid a penny a name — $5,656. In one potentially huge
class action, several motorists have sued data gatherers ChoicePoint,
Experian, Lexis Nexis, First American Corp. and a number of other companies
for breaking the federal Driver Privacy Protection Act by buying driver
records from Florida. A Terrorist's Spy Shop
According to Secretary of Defense Donald Rumsfeld,
speaking on January 15, 2003, an al Qaeda training manual recovered in
Afghanistan tells its readers, "Using public sources openly and without
resorting to illegal means, it is possible to gather at least 80 percent of
all information required about the enemy."
Even before the training manual was discovered, Federal
agencies warned that al Qaeda was using
state and local websites. The National Infrastructure Protection Center (NIPC)
issued an advisory that cautioned municipalities to review the content of
their websites to protect against the inadvertent disclosure of critical
infrastructure information. The NIPC had received reports that
infrastructure-related data was being accessed through the Internet from
sites around the world.
In Jan 2002, the U. S. Department of Transportation's
Office of Intelligence and Security issued a similar warning stating that,
"information has been developed which indicates Al-Qa'ida members may be
using municipal and state websites in the U. S. to obtain information on
local energy infrastructures, water reservoirs, dams, highly-enriched
uranium storage sites, nuclear and gas facilities, and emergency fire and
rescue response procedures." In October of 2004 Federal law enforcement authorities
notified school districts in six states that a computer disc found in
Iraq contained photos, floor plans and other information about their
schools. The downloaded data found by the U.S. military in July
— all publicly available on the Internet — included an Education Department
report guiding schools on how to prepare and respond to a crisis, said one
official, speaking on condition of anonymity in an interview with the
Subsequent to the Federal law enforcement warning, the
National Association of State Directors of Pupil Transportation Services
issued a policy statement that recommended school officials "Discourage
policies which make routes, schedules and locations available on the
Terrorists don't have spy satellites or spy planes to
help them, but terrorists, can sit in an Internet cafe in Iran or a public
library anywhere in the world and learn from county Websites a wide variety
of details about targets such as transportation facilities, nuclear power
plants, public buildings, airports, schools, ports, power lines , chemical
companies, nuclear and chemical disposal plants and the people who work
Get the Newsletter - It's FREE