These days there is a great deal of news about identity theft. In 2006, identity theft cost U.S. citizens an estimated 49 billion dollars. Victims paid about $4.5 billion of that directly, with companies and banks paying the rest (costs that are ultimately passed on to consumers).

Public officials frequently speak about the need for consumers to take precautions to protect their personal information online. Millions of dollars have been spent on public service messaging and Web sites aimed at informing consumers of this risk. Youth are chastised for being reckless with personal information (somehow ignoring that adults are often equally casual). Companies, universities, and government agencies are rebuked for breaches in their data security that have allowed more than 100 million consumer data records to be compromised.

The messaging urging consumers to protect their information online implies that consumers are to blame if identify theft occurs. This simply isn't fair to consumers because while government agencies strongly advise consumers to protect their personal information, they themselves quite possibly represent the largest risk of leaking sensitive consumer information.

It used to be that collecting a piece of information about someone's home, for example, meant a trip to the county office for a photocopy. Even 10 years ago there was no way of cross-tabbing that photocopy with millions of other records—let alone in a matter of moments—making the opportunity for large scale abuse of the information both extremely limited and expensive.

That just isn't so any more. With the advent of mass data collection, advanced search engines, and the ability to access this data from anywhere in the world, we've reached a point where the Freedom of Information Act is abetting the exploitation of citizens by exposing their sensitive information.

It's impossible to know how much crime government Web sites have facilitated. However, given the great lengths criminals have taken to extract information from individual consumers, it's fair to assume they've already taken full advantage of the enormous amount of personal information freely given by the government.

Take this example

Look at Denver's real property data provided by the city of Denver, Colorado. (The choice of Denver was entirely random; try this with your own city or county.) This Web site lets anyone search by address or lot parcel number. I picked a random address (information altered to protect the individual); the results of my search are shown below:

This record displays:

1 The female owner's name and both the property address and her actual address (in this case they are the same).

2 When the house was built, square footage, and features.

3 The value of the house.

4 The type of record used. The Death-Certificate Record indicates that the owner is a widow and the sole owner since August 2004.

5 How much the owner pays in taxes.

6 Other links to more information about her taxes and sales information on her home.

This represents a great deal of very useful information for criminals. For example, combine that property record with just one more source of information. A simple phone directory search gives you:

1 The woman's age and her phone number.

2 Click again to get a map to her home…

3 … and the names of her neighbors.

Given this woman's age, she may never have used a computer or the Internet. Even if she has, she probably hasn't spent much time blogging or leaving her information on public Web sites. She's most likely heard the government cautions about protecting her information and is likely to be quite careful. She probably assumes that she is safe from online identity theft or other crimes associated with Internet use.

She would be wrong.

The Government’s intent has never been to abet criminals or expose consumers to crime. Unfortunately intent doesn't deter crime, actions do.

What government agencies must do

·          Clearly indicate in government- sponsored public messaging in the government role in exposing consumers to risk.

·          Thoroughly evaluate and justify all information they make public about individuals.

·          Do a comprehensive review of the implications of the existing practices around the Freedom of Information Act. Changes must swiftly be made to protect individuals while safeguarding the public's right to know about government actions, policies, etc.

·          Establish a timeframe to require all government agencies to remove sensitive information about individuals.

Contact your local, state and national representatives and demand that your information gets the protection it deserves.

Linda