Accessing Public Records in the Digital Age? 18
A concerned Anonymous Coward asks: "News.com has a story about what happened last week with RootsWeb. The state of California legally sold them the birth records of all Californians born since 1905, and they put the records online. Our Senator, Jackie Speier, immediately took action to stop the selling of these records in electronic form. Should public records (drivers licenses, criminal records, birth/death records etc...) be this accessible? Is it not hypocritical to make these records public but not easily accessible, or does the level of accessibility matter? Does it matter that they want to make this information easily accessible to big businesses (credit card companies, snail mail spammers) but not to the private citizen? Or should all these records just simply not be public?" There's a difference between "publicly available" and "publicly accessible", and there is something to be said about using this information for evil. How can we balance the two? The records should be available, yes, but only accessible to people who might need it (hint: not spammers and resellers). This issue is currently under debate in New York, as well.
Also in Oregon (Score:2, Informative)
Fair Information Practices (Score:3, Interesting)
Generally, public records are created for government accountability. However, there are no restrictions on use--anyone can use public records for any purpose under the sun. We need to establish appropriate uses and audit logs to catch those use who public records for identity theft, pretexting, and marketing.
The fact of the matter is that many banks and other institutions use mother's maiden name and DOB as passwords for user verification. With that information public, all Californians are at heightened risk for pretexting.
Restricting access doesn't work. When you restrict access, the infomation brokers (who have the resources to send researchers and aggregators to records offices) get the records and citizens don't.
Well, you can get rich people's SSNs from the SEC. (Score:2)
539-60-5125 [sec.gov].
Bill Gates', whose URL I lost, is 539-60-5125.
- A.P.
oops: (Score:1)
- A.P.
Re:Well, you can get rich people's SSNs from the S (Score:2, Informative)
It's even more absurd to know that you can get the SSN of anyone sharing your name (or the name of someone whose SSN you know).
When my father died, my mother did a search on his name at the Social Security Administration site, and got back 17 ( seventeen )pages of men with the same first and last names, with SSNs, DOBs, and last known residences. That from a 65 yo lady who doesn't want to deal with the computer unless it's running a bluescreen session of DOS Word Perfect.
Re:Well, you can get rich people's SSNs from the S (Score:1)
Re:Well, you can get rich people's SSNs from the S (Score:1)
HJ-Osmet Mode On:
"....I spoof dead people...."
HJ-Osmet Mode Off
Interesting possibilities for, say, Radio Shack. (Score:1)
When the checkout people ask you for your SSN, you give them that number. When it gets irritating enough, maybe the companies will stop...
Swedish law (Score:2, Informative)
One of many many restictions regarding storage of personal data that exist here, basically, you can't store data about someone unless they agree to it. If they do, you can't share it with someone else unless they agree. You can't make it public nor store it in an unsafe manner. All to protect the individual from having various (commercial) forces build a profile that can be used|shared|sold to benefit them.
To be honest I'm surprised that the US doesn't seem to have as strong a protection, an interesting battle between commercial forces and individual integrity for sure.
Re:Swedish law (Score:1)
The only way this can be considered real protection is if there is a subsequent clause which says that the registered person must be personally notified of the intention to make the information available, and given sufficient time to respond negatively before the information is made available.
Re:Swedish law (Score:1)
Yes, but iirc they cannot even begin to store the information* without a permit from the overseing board, and to get that permission, they need a good reason, "we're gonna drown him in spam" isn't quite good enough.
*This depends of course on the type of information, but basically anything that can identify an individual (using our equivalent of a SSN) requires a permit.
The type of information that may be made public varies aswell depending on information and type of publication. For instance, technically it would be illegal for me to provide information about a Swede by name|ssn here. I am not allowed to publicise personal information if there is not a good enough reason for it.
Public safety only (Score:2)
Selling public records quickly becomes a conflict of interest, because first and foremost, the primary responsibility of a government is to the residents. When selling things becomes a priority- who wins? Probably the person who is waving the cash, not the resident. The resident forked up cash, but that was way back in April. One thing we have to remember- the government is a non-profit institution. Once it starts making a profit- that's called corruption.
What we're calling public records should be available, but for public safety purposes only, police, hospitals, health departments. I can see circumstances where ownership records should be made available (such as who owns that vacant lot with the toxic waste dump), but those records should at the very least, be prohibited from redistribution (can't we get copyright to work on our side?). Direct marketers will still be able to get names and addresses, they will just have to work a bit harder, and not go to the easiest, cheapest source.
Recent UK Electoral Roll court case (Score:2)
The gist of the claim was that since it is illegal NOT to register to vote in the UK there was no way for someone to legally opt out of this particular scam (btw uk readers: you can opt out of most direct mail (they claim 93%) in this country via the list maintained by http://www.mpsonline.co.uk/ )
The scene is now set for challenges to this ruling because of the words 'commercial purposes'. Everyone now claims they don't use the electoral roll as a source of names but purely to check the accuracy of the information they do have, which arguably they have to do by law (under the UK's Data Protection Act).
This is something of a red herring - all they can possibly need it to check is the spelling of your name and that's never stopped me being billed or the post getting through! There's a separate data source (the 'PAF' - post office address file, see below) which allows them to fix the address, and the phone no can be checked using BT's phonedisc.
The other equivalent sources of information in the uk break down as follows -
- Telephone books/CDs: managed by BT on behalf of OFTEL for historical reasons, the directory enquiries database contains all yer info and BT are required to pass it on (for RAND-style fee) to all telephone co's (seriously - BT has *2* directory services groups, the one that maintains the national number info is not allowed to make a profit!) Or you can just buy it on CD; I don't know what protection they use to stop reverse lookups or just ripping out all the addresses.
- The Post Office Address File is under Crown Copyright (AFAIK) and is managed by Royal Mail and not their semi-private arm, Consignia. In practice this means that they sell their lists for a RAND fee but it doesnt include people's names. Not much of a privacy issue there.
- The Land Register is maintained by a Govt dept and you can get access to all of it, but at a fee based on the area searched. In practice this would be an *incredibly* expensive way of getting info for marketing. However, like the electoral roll there is no way to opt out.
- The electoral roll (above) is maintained by local government organisations and so they don't have a national policy. Councils may give free access to the roll to companies doing work for them in some cases.
This is amazing. (Score:1)
Query test only... (Score:1)