Texas counties illegally posting Social Security numbers online, AG says
County, district clerks are pushing for legislation to make the practice legal
Computerworld - Like dozens of county governments around the country, Fort Bend County in Texas has for the past several years been posting public records containing Social Security numbers on its Web site. The records are accessible to anyone in the world with an Internet connection and are routinely sold to list brokers, real estate companies and mortgage firms.
On Feb. 23, Texas Attorney General Greg Abbott ruled that such disclosure of Social Security numbers in public documents is a violation of both state and federal privacy laws and is a criminal offense punishable by jail time and fines. The ruling followed an inquiry by Fort Bend's district attorney in 2005 about how its county clerk was expected to deal with Social Security numbers when they were present in public records.
Abbott's ruling has caused an uproar among county and district clerks in the state who are panicked by the prospect of being held criminally liable for actions they say were carried out as part of their normal business. Many have shut down or severely restricted public access to court records and are seeking help from state legislators who have hastily introduced a House bill seeking to absolve clerks of criminal and civil liabilities for disclosing confidential information.
The bill, sponsored by Texas Rep. Jim Keffer, also seeks to allow county and district clerks to continue disclosing such information in the future "notwithstanding" existing federal and state privacy laws.
"When we first saw the [attorney general's] opinion, we were just panicked. We were like, 'This couldn't be happening,'" said Janice Gray, district clerk at Coryell County and vice president of the County and District Clerks Association of Texas.
In response, Abbott said he would abate his opinion for 60 days while state legislators deliberate the issues raised by the ruling. "Immediately after the opinion was issued, legislative leaders contacted this office with serious concerns about logistical implications surrounding the rapid implementation of statutorily-mandated [Social Security number] confidentiality," he wrote in a Feb 28 note to Fort Bend county attorney Roy Cordes. "The real-world consequence [of the opinion] was a virtual halt to a tremendous amount of business and commerce in Texas," he said.
At issue is the controversial practice by many county governments of posting public records containing confidential personal information on the Internet without first redacting sensitive data.
The list of documents posted on county Web sites as part of the public record includes copies of property and tax records, motor vehicle information, and court files. In some cases, documents relating to military discharges, family court decisions, juvenile court records, probate law documents and death certificates are also available. Many of these documents include Social Security and driver's license numbers, bank account details and sometimes even protected health information.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts