Check out this amazing piece at Computerworld. It boggles the mind. To whet your appetite:
APRIL 12, 2006
Broward County, Fla., Maricopa County, Ariz., Fort Bend County, Texas. Three counties separated by hundreds of miles with something in common: They’re among potentially hundreds of counties in several states that in recent years have made Social Security numbers, driver's license information, bank account numbers and a variety of other personally sensitive data belonging to residents available to anyone in the world with Internet access.
The exposure follows the failure to redact sensitive information from land records and other public documents posted on the Internet and makes county Web sites a veritable treasure trove of information for identity thieves and other criminals, according to a number of privacy advocates.
“These sites are just spoon-feeding criminals the information they need,” said B.J. Ostergren, a privacy advocate based in Richmond, Va. “But no one appears to be seeing it and nobody’s changing the laws,” she said.
Among the pieces of personally identifiable information from county Web sites made available to Computerworld by Ostergren and other privacy advocates were: Rep. Tom Delay’s Social Security number on a tax lien document; the Social Security numbers for Florida Gov. Jeb Bush and his wife on a quit claim deed from 1999; driver’s license numbers, addresses, vehicle registration information, height and race of individuals arrested for traffic violations; names and dates of birth of minors from final divorce decrees and family court documents; and even complete copies of death certificates with Social Security numbers, dates of birth and cause of death. (The Social Security numbers for Bush and his wife have been redacted and are no longer available online.)
“All of this information is available to anyone sitting in a cafe in Nigeria or anywhere else in the world,” said David Bloys, a retired private investigator who publishes a newsletter called “News for Public Officials” in Shallowater, Texas. “It’s a real security threat.”
The article includes a calming quote from Darity Wesley, CEO of Privacy Solutions, a privacy consultancy for the real estate industry based in San Diego.
“There’s a real need to keep the information flowing,” Wesley said, adding that while there’s a real need to protect data “at all costs,” there’s little evidence so far that the public availability of personal information on government sites has contributed to identity theft. For most identity thieves, the effort involved in sifting through millions of public records for sensitive information is simply not worth it, she said.
“There’s a lot of value in public records, and shutting down access to them” over privacy concerns would be a step backward, she said. “Rather than wrap a lot of fear and sensationalism” around the issue, what is needed is an informed discussion of the issue by legislators and privacy advocates.
This is a good example of how simply transferring a manual process to the virtual world can result in a whole new level of invasiveness and threat.
“I understand people’s concerns, but a lot of this information has been freely available for public inspection since Plymouth Rock,” said Carol Fogelsong, the assistant comptroller for Orange County, Fla.
Even so, privacy advocates say the move to post public records on the Web without removing personally identifiable information has greatly broadened access to sensitive data and the potential for misuse. “The simple truth is these records were safe in the courthouse for 160 years,” Bloys said. Now, all it takes is Internet access and a very rudimentary idea of how to look for data to find all sorts of information, he said.
Ostergren, for instance, claims to have harvested more than 17,000 Social Security numbers simply by “messing around” in county Web sites over the past two years. Among the countless nuggets Bloys turned up was the complete medical history of a terminally ill county official.
Finally, if you worry that this type of attack seems like too much work for an identity thief, console yourself:
It is not always necessary to search for data, since online records often can be purchased in bulk for a fraction of what it would cost to buy them from a courthouse, Bloys said. One example: Fort Bend County, Texas, last year sold to a Florida company every document ever filed with the county clerk’s office — estimated to be around 20 million — for roughly $2,500. Bloys wrote about the transaction in his newsletter in December. Fort Bend County officials did not immediately return a call seeking comment.
So, given the huge number of people (over 150,000 people in a lifetime by my estimate) that already have access to individual SSNs, what is it about them that makes them secret? Isn't secrecy more an unfulfillable desire driven simply by their continued inappropriate use as authenticators?
In reality, we should be able to publish all SSNs as perfectly reasonable identifiers, but not authenticators. Without a secrecy facade to hide behind, perhaps organizations would migrate to more appropriate (i.e. stronger) authentication schemes.