Access to Public Records Outweighs Risk of Identity Theft

I took an interesting quiz about identity fraud and theft Monday at a public forum held at The News Tribune.
Here are a few of the questions. Answer them as you read along.

Here are the answers, according to the 2006 Identity Theft survey done by Javelin Strategy and Research for the Council of Better Business Bureaus:

  • Decreasing. The number of Americans who were victims of identity fraud (someone using your identity for financial gain) declined from 10.1 million to 8.9 million people between 2003 and 2006.
  • False. Seniors have the lowest incidence of any age cohort at 2.3 percent. Generation X (ages 25-34) suffers the highest rate of identity fraud: 5.4 percent.
  • False. More than 90 percent of data compromise, when the source is known, occurs through channels other than the Internet.

I learned all this from a presentation by Jerry Handfield, Washington’s state archivist and president of the Washington Coalition for Open Government. The coalition, The News Tribune and the Western Washington Chapter of the Society of Professional Journalists hosted a public forum on identity theft and public records.

I occasionally hear from people that Internet access to public records needs to be restricted because it can be a source of identity theft.

While that’s possible, it’s an almost non-existent threat, and the public benefits of access to records far outweighs the threat.

So how do thieves get our records and steal from us by stealing our identity? Here’s the breakdown, by percentage of where the compromised data is obtained:

Thirty percent is from lost or stolen wallets, checkbooks or credit cards; 15 percent is stolen by a corrupt employee; 15 percent is stolen in-home by friends or relatives; 8 percent is stolen from mailboxes or fake change of address; 7 percent is obtained by the misuse of in-store data (credit card receipts and the like); 6 percent is stolen from a company with financial data; 5 percent is stolen by computer hackers, spyware or viruses; 3 percent is stolen via “phishing” where someone sends you an e-mail posing as your bank, for instance, and you give them your information; 1 percent is stolen from the trash; and 0.3 percent comes from online computer transactions. An additional 7 percent is stolen by some other means.

Who is stealing the data?

Twenty-six percent of the time it’s a friend, a neighbor or someone in your home; 22 percent of the time it’s a family member or a relative; 20 percent of the time it’s a service employee, a waiter or a cashier; 7 percent of the time it’s someone on the Internet; 6 percent of the time it’s someone working for a financial institution; 4 percent of the time it’s someone at work; 3 percent of the time it’s a nonemployee who gets the information through a financial institution; and 12 percent of the time it’s someone else.

“The solution isn’t to clamp down on the availability of public information,” said Toby Nixon, a Microsoft executive and former state representative who was a panelist at the forum, “but to make it harder to use the information to commit identity fraud.”

He suggested several ways identity theft could be made more difficult: making identity documents harder to counterfeit; requiring governments to make sure someone hasn’t died before issuing a birth certificate; requiring merchants to do a more thorough check before issuing credit; and requiring check-cashing companies to work harder to establish identity before cashing a check.

State Auditor Brian Sonntag agreed that hardening security is better than eliminating access to public records.

“I would rather see us respond to a problem than try to prevent one that hasn’t happened yet,” he said.