by Alison Bass

Privacy – America’s Identity Theft Capital

Feb 15, 20063 mins
IT Strategy

In 1997, Arizona’s Maricopa County (which includes Phoenix) became the first government entity in the nation to post public records online. The decision garnered praise from the local press and won Maricopa a place in the Smithsonian’s prestigious National IT Innovation Collection. But that move has come back to bite the county in a most unpleasant way: Maricopa now claims the highest rate of identity theft in the nation, and local IT officials say the two statistics are inextricably linked.

“People have gone online and been able to find information like names, addresses, Social Security numbers, financial data and [information about] divorce and civil suits,” said Richard Dymalski, principal IT consultant to Maricopa County in a recent interview. “And that’s a dangerous thing.”

Now Maricopa is rethinking its kitchen-sink approach to online records, Dymalski says. And the county’s ordeal is sparking a growing debate among municipalities and states nationwide over what kind of public data should be posted online and in what form.

Before the Internet, if people wanted information from public records—such as land purchases, tax information or divorce cases—they would have to mosey on down to their local county registry, fill out a form with their name and hand it to the county clerk. Beginning in the late 1990s, the clerks realized they could streamline their workloads if they put those records online. But few municipalities considered the fact that those records contained sensitive information about individuals.

Such information, which can be plucked from anywhere in the world just by going online to county sites such as Maricopa’s, was ripe for abuse by identity thieves. Combine that with the fact that Phoenix has the second-highest rate of methamphetamine abuse in the nation (with a large number of meth addicts who need cash quick) and a high number of illegal immigrants searching for fake identities, and you have a recipe for disaster. “Arizona offers a climate unusually conducive to identity theft,” wrote Maricopa County Attorney Andrew Thomas in The Arizona Republic last year.

According to Dymalski, the county is asking its departments to redefine sensitive information so it is not posted willy-nilly on the Web. Maricopa has also instituted a policy of keeping data online for only two years. Dymalski says that an automatic purging schedule ensures that most of the sensitive information posted during the county’s technology-ho years is no longer online.

In the meantime, Dymalski says, policymakers at a state or even national level should be considering rules for how public records can be accessed. “Technology races ahead at the speed of light, and the laws necessary to go from a paper world to an electronic world have not been put in place,” he says.

“We have to come up with safeguards for this information.”