Page 1 of 1

Identity Theft

Posted: 08 Dec 2007 07:18
by Joyaa
Hi All,
One of my relatives has raised the sticky issue of internet 'identity theft'. He's thinking: 'Identity theft is an increasingly common phenomenon. Should I post my family tree on the internet if it includes mother's maiden names (a typical banking security question), dates of births, photos etc?'.
I am already planning to password-protect my site, and I guess I could insist that all photos sent to me should be 25+years old (though I would hate ot do this of course). What else might I do, given that I think that it would be a GREAT shame to hide data for all LIVING individuals on a 'family' site? .... Has this issue been dealt with elsewhere? If so, please can some wonderful person direct me (and at the same time tell me how I can search the fora to look for issues-already-discussed)?
Thanks, generally; Joyaa[cool]

ID:2642

Identity Theft

Posted: 09 Dec 2007 09:19
by JonAxtell
Identify theft is something that does affect the publishing of family trees. In my case I always ask for permission from any living people. By default I only publish their names, but if requested I either anonymise them or remove them from the published tree. Most don't seem to mind, with only a few asking for removal.

As for the actual threat posed by publishing mother's maiden names, it does exist, but it's not an high risk. It's useful to identity thieves but they need to know who the person is to really make use of it. So they would have had to have already been targeting the person via other methods or have some means of connecting the info they already have to your mother. If you have an unusual name then then a Google search would be simple to carry out, but if you are Smith with mother Brown, then its a lot less useful to the ID thief.

Consider that BMD details are readily available from a huge number of websites (old newspaper birth anouncements as well as Ancestry et al) with relatively low subscription rates which any good ID thief could be using as well. If your sources are public then it only causes a slight hinderence to an ID theif if you hide your details. This might be enough to make the thief go for an easier target in some cases, but in other cases they already have picked a target and will get all the info they want from many different sources.

Look at it as a business - paying for info is just a cost they deduct from their eventual profit. If the cost is low, but profit low as well, then they'll go for easy pickings. If cost is high, but potential profit high as well, then subscribing to genealogical websites would still be very lucrative.

Should we stop the governements from publishing BMD details or should we just not use maiden names in out security questions. Which is easier? I myself don't use parents names in my security details, instead I use something else but just as memorable. Banks don't ask these type of questions because they'll check your parents details. No, they ask because they know that people easily forget security details, especially if they aren't used often. A mother's maiden name is something that few of us forget (though many might forget their birthday! :-) ).

Hope that's given people something to think about.

Jon