Dear Ancestry Insider,
The Ancestry.com U.S. Public Records Index contains the records of almost a billion living people. The data include name, date of birth, and address. It doesn't require much more than that to steal an identity.
I wrote to Ancestry about this issue, and here's the response I got: “All requests to have information or data removed from our website are handled by our Executive Office department. These requests should be sent by email to email@example.com requesting that the information be removed.
“Note: Please include in the following information so we can better serve your request.
Your email address
The URL address to the page in which the information appears
Specify which portion of the page you would like to have removed
“Once these requests have been sent to firstname.lastname@example.org, the Executive Office department will respond to your email within seven business days. Any further questions about information removal should be referred to the Executive Office department.”
This information should really be made widely available. Ancestry Insider, what do you think? How 'bout a blog post on this?
otosankeith * †
Dear Keith san,
You got it. Thanks for the info.
Otosankeith is correct, there is information about living people in the U.S. Public Records Index. Unfortunately, I don't think there's much that Ancestry can do about it. It's all information that was obtained from public documents (court records, voter registration lists, etc.), hence, the term "public record." Heck, I'm listed on there with my last 5 addresses ... but nothing since 1995. You actually need more than a DOB, phone number, and address to steal someone's identity. I wouldn't fret over it.ReplyDelete
(Besides, I'm kinda hoping someone steals mine. I'm ready for a new one.) :)
Ancestry has indeed agreed to remove my personal data, even though they get the data from another source. I suppose I'll have to monitor it, since every time they refresh the database, the data could show up again.ReplyDelete
It is possible to reconstruct a SSN using just date and place of birth. See the article at this link: http://www.pnas.org/content/106/27/10975.short. If hackers or identity thieves decide to use this method, all they would then have to do is use a SSN verification service to check their reconstructed SSNs. There is no general agreement on what personal data is safe to have on line. I tend to err on the side of caution and post as little as possible, and request take down of what I find. The state of the art today will look absolutely archaic at some point in the future. It's possible to positively identify a person using supposedly anonymous data taken from their browser cookies.
While we all might like a new identity at times, I think we would rather choose it ourselves than have it stolen from us.