News, Developments, and Insights

high-tech technology background with eyes on computer display

Public Records and Identity Theft

There are new details to report about the famous Hamilton County public records website. Several years ago, the clerk of courts of Hamilton County, Ohio placed a wide range of public records online. Many of the records had extensive personal information about individuals, including Social Security Numbers and home addresses. The Hamilton County website garnered a lot of attention. The NY Times ran a story about it in 2002 called Dirty Laundry, Online for All to See (Sept. 5, 2002) at G1, by Jennifer 8. Lee:

Four years ago, Mr. Cissell decided that it was time to move the county’s court records onto the Web. The documents were already public. They were already electronic. Where else to put public electronic documents but on the Internet?

“It was the natural progression of technology,” said Mr. Cissell, the clerk of courts for Hamilton County, whose seat is Cincinnati.

Mr. Cissell’s three-person technology staff put together the Web site at State tax liens, arrest warrants, bond postings — all became searchable and accessible on the Internet.

“Everything we get is scanned and available,” said Mr. Cissell, a former United States attorney. “It was very easy to open the door to the public.”

Visitors have flowed to the site. So have the complaints.

Later, in 2004, it was reported that records were removed from the website due to the fact that they were being used for identity theft:

Hamilton County Clerk of Courts Greg Hartmann announced he was removing more than 320,000 public documents from his Web site in an attempt to combat the growing crime of identity theft.

“This is a big deal. It’s not something I have done lightly,” Hartmann said of the deletions from, which gets 60 million hits a year.

Today, Hartmann will begin blocking access to traffic tickets that previously have been available. Traffic tickets, Hartmann said, are particularly important to identity thieves because they contain names, addresses, telephone numbers and Social Security numbers, all information that can be used to steal an identity and rack up large bills under the new, stolen identity.

Now the details of the identity thefts caused by the posting of the documents have come to light. From the AP:

Eight people are accused of running an identity theft ring that got Social Security numbers and other personal data from a Hamilton County Web site and used the information to ring up about a half-million dollars in spending.

The suspects created false identification documents, opened credit accounts and produced counterfeit checks in several states.

The 40-count indictment charging six individuals from Cincinnati, one from Columbus and one from Ross with conspiracy and fraud was announced Friday by the office of the U.S. attorney for the Southern District of Ohio.

The indictment says they stole the personal information of hundreds of people in southern Ohio, resulting in about $500,000 in losses for individuals, financial institutions and retailers. The indictment outlines 103 instances of counterfeit checks or fraudulent credit transactions at stores in Ohio, Michigan and Kentucky. . . .

The personal information came from records on the Hamilton County’s clerk of court Web site, other Internet sites and stolen mail. . . .

Hamilton County Court Clerk Greg Hartmann said he started removing documents containing Social Security numbers and some other types of personal data from the clerk’s Web site about 14 months ago, before he was aware of the theft investigation.

Related Posts:

1. Solove, Identity Theft: Increasingly an Affliction of the Young

2. Solove, Youngest ID Theft Victim? (PrawfsBlawg) (July 2005)

3. Solove, Why Identity Theft Isn’t Pretty (PrawfsBlawg) (July 2005)

4. Solove, Identity Theft Fears and Online Shopping (PrawfsBlawg) (June 2005)

5. Solove, Identity Thief Professors (PrawfsBlawg) (June 2005)

Hat tip: Chris Hoofnagle

Originally Posted at Concurring Opinions

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
LinkedIn Influencer blog

TeachPrivacy Ad Privacy Training Security Training 01