It's Time to Stop Identity Theft At The Source
by David Bloys, News for Public Officials
Would you give your sister's address to a stalker or your brother's bank account number to strangers on the Internet? Would you post your neighbor's Social Security number on the Web or tell thousands of sex offenders the age of your children and where they live? Would you pass out copies of your father's signature and make it easy for anyone to forge his name? Well someone is, and you are paying them.
Intimidated by outside interests seeking a cheap and easy way to exploit Public Records in volume, county officials nationwide have caved to the demands of international data traffickers. Now they offer up your most sensitive data on state-run Web sites that provide remote and often anonymous access to anyone, anywhere in the world.
Just last month, police in Worthington Ohio reported that hundreds of people in five states were the latest victims of identity theft resulting from county officials publishing sensitive information over the Internet. In several cases to date, private institutions and government agencies that hold and distribute this data have been found liable for the inappropriate or illegal release of private information and data, and the havoc it may wreak on identity theft victims and their families. Last year, a Virginia woman whose Social Security number was stolen by a temporary employee at a hospital where the ID theft victim gave birth won $351,000 in damages after a trial.
If this makes you angry, you'll be glad to know that legislators, attorneys and security companies are devising effective laws and strategies to take your private data offline and out of reach of international criminals. But in the meantime, there is much you can do to protect yourself and your family; starting with understanding the data criminals most often exploit and learning how information you might not share with your closest relative ended up on the internet. You may also want to confront the people your paying to publish your private information all over the world.
Almost every document the county gathers on you makes profitable reading for identity thieves, predators and others who believe they have a right to traffic in your personal information. Some documents, like divorce and probate papers list complete inventories of your home, investments, vehicles and credit cards. Divorce documents also explain who got what in the settlement, the names of your children, their ages, gender, Social Security numbers, where they go to school and where a stealthy predator can expect to find them when they are away from you.
Mineral leases, judgments and tax liens are brimming with Social Security numbers, which some experts call the key to identity theft. A Federal income tax document published online by Fort Bend County Clerk Dianne Wilson in Texas contains former U.S. Congressman Tom DeLay's Social Security number. A single mineral lease from the same site contains Social Security numbers belonging to twenty two of the county's leading citizens. Other documents found on the Clerk's site contain SSN's belonging to two District judges and a County commissioner. Ten's of thousands of Fort Bend citizens are similarly exposed.
Faced with a ruling from Texas Attorney General , Wilson stubbornly refused to protect her citizens and instead announced she would remove only the first five digits of any SSN's she might find in the twenty million records under her control. She asked local taxpayers to pay for expensive redaction software that would allow her to continue providing your most sensitive data to anonymous users half-a-world away. It would have been more logical, ethical and far less expensive to simply pull the plug on the county Web site. But Wilson isn't known for careful use of the internet or peoples identity; even her own. Late last year her own identity was called into question when KHOU-TV confronted her with the fact that the title of Dr. and PhD she obtained online and attaches to her name in official documents is an illegal deception under Texas law.
Within minutes of a criminal gaining remote access to your private information on the county Web site, the information can be sold to thousands of criminals all over the world. Your most private data can pop up anywhere — from Russia, where credit card numbers are ripe for the picking on underground Web sites, to the Middle East, where terrorist groups finance operations through identity theft, and major cities in the United States, where street gangs sell forged identity papers to illegal aliens.
American taxpayers deserve better protection from elected officials we entrust with the data that documents our lives. Our forefathers considered the repository as a whole to be so important that they protected the records behind steel vaults. Many responsible county officials still do in spite of increasing pressure from outside interests and misguided peers. Indeed the primary function of county officials has always been to preserve the repository as a taxpayer-owned asset while making individual documents available within the confines of the jurisdiction. The system worked exceedingly well until a few years ago when some county officials decided everyone in the world should have the same access to citizen records as those who visited the courthouse in person. These few county officials threw the security of their citizens and centuries of time-tested tradition out the internet window.
The Need to Protect Your Good Name
It is evident there is a need to protect individuals regarding identity theft and fraud. A slew of credit monitoring and protection products promise to notify the subscriber when there has been a change in their credit score or when there appears to be suspicious activity with one of their accounts. The majority of these services are reselling credit monitoring services, which provide no preventative features. Currently, there are over 70 identity theft services offered on the market and the number is growing. But credit monitoring does nothing to repair the damage caused by identity theft and like most identity theft services goes into effect only after an individual’s identity has been compromised and is available on the black market.
According to a recent independent study by Javelin Research, "The types of credit monitoring services offered by various creditors and the credit scoreing agencies -simply don't work. Their services are designed to raise profits for the credit industry and have very little effectiveness, if any, in guarding our identities."
One identity theft prevention company has taken a proactive approach by acting before the thieves can use the stolen data. LifeLock does this by placing fraud alerts on all your accounts thus rendering the stolen data useless to anyone except you.
The Javelin study showed, "To prevent Identity theft, fraud alerts clearly trump credit monitoring."
The system works by only allowing the consumer who has placed the alerts the authority to utilize his or her own credit. The alerts ensure that if anyone tries to do anything with your credit score, such as get new credit, change your address, expand credit lines, open a checking account, get insurance, utilities, or anything else, the financial institution must call you directly for your approval before anything happens.
As far as can be determined,
LifeLock was the first data security company to take this common sense
approach. Todd Davis, the company's CEO is so confident the system
works that he publishes his own Social Security number on the
website and in television advertisements. LifeLock will stop
thieves from using the information for the most common types of identity
theft. Unfortunately, even this robust service will not remove the private
information of millions of victims who never wanted their Social Security
numbers to appear on any Web site.
Holding Government Web Sites Accountable
In 1997, Arizona’s Maricopa County became the first government entity in the nation to post Public Records online. Maricopa now claims the highest rate of identity theft in the nation, and local IT officials say the two statistics are inextricably linked." Just before Christmas,2005 while Maricopa County Officials were denying that criminals were using the County Website, a 23-year-old methamphetamine user was showing Scottsdale officers exactly how he used the County Recorder’s Website to steal identities.
Clearly, if a government agency or business entity fails to protect your information or is somehow party to the breach that revealed information they had filed on you, there is a definite liability question whether it be a institution, an employer, a credit bureau or the government. Even if an employee or contractor committed an illegal act and revealed your data, there may still be a liability issue for the employer of that person or their services. Click here for a free evaluation by attorneys interested in your specific case.