Texas counties illegally posting Social Security numbers online, AG says
County, district clerks are pushing for legislation to make the practice legal
Computerworld - Like dozens of county governments around the country, Fort Bend County in Texas has for the past several years been posting public records containing Social Security numbers on its Web site. The records are accessible to anyone in the world with an Internet connection and are routinely sold to list brokers, real estate companies and mortgage firms.
On Feb. 23, Texas Attorney General Greg Abbott ruled that such disclosure of Social Security numbers in public documents is a violation of both state and federal privacy laws and is a criminal offense punishable by jail time and fines. The ruling followed an inquiry by Fort Bend's district attorney in 2005 about how its county clerk was expected to deal with Social Security numbers when they were present in public records.
Abbott's ruling has caused an uproar among county and district clerks in the state who are panicked by the prospect of being held criminally liable for actions they say were carried out as part of their normal business. Many have shut down or severely restricted public access to court records and are seeking help from state legislators who have hastily introduced a House bill seeking to absolve clerks of criminal and civil liabilities for disclosing confidential information.
The bill, sponsored by Texas Rep. Jim Keffer, also seeks to allow county and district clerks to continue disclosing such information in the future "notwithstanding" existing federal and state privacy laws.
"When we first saw the [attorney general's] opinion, we were just panicked. We were like, 'This couldn't be happening,'" said Janice Gray, district clerk at Coryell County and vice president of the County and District Clerks Association of Texas.
In response, Abbott said he would abate his opinion for 60 days while state legislators deliberate the issues raised by the ruling. "Immediately after the opinion was issued, legislative leaders contacted this office with serious concerns about logistical implications surrounding the rapid implementation of statutorily-mandated [Social Security number] confidentiality," he wrote in a Feb 28 note to Fort Bend county attorney Roy Cordes. "The real-world consequence [of the opinion] was a virtual halt to a tremendous amount of business and commerce in Texas," he said.
At issue is the controversial practice by many county governments of posting public records containing confidential personal information on the Internet without first redacting sensitive data.
The list of documents posted on county Web sites as part of the public record includes copies of property and tax records, motor vehicle information, and court files. In some cases, documents relating to military discharges, family court decisions, juvenile court records, probate law documents and death certificates are also available. Many of these documents include Social Security and driver's license numbers, bank account details and sometimes even protected health information.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts