No-holds-barred Betty

COMMENT ON THIS ARTICLE

If Massachusetts Secretary of State William Galvin finds himself in the news this week – and he does – because of concerns that his office’s Web site is exposing Social Security numbers and other personal information online, he can thank – or blame – Betty “B.J.” Ostergren for the publicity. For nearly five years, the feisty 57-year-old former insurance claims supervisor has led a one-person crusade against county and state government officials around the U.S. Her mission: Stop them from posting public records containing Social Security numbers and other personal data online. It’s a “stupid” and “reckless” practice that she says has turned the sites into a feeding ground for identity thieves and other cybercriminals.

Ostergren’s site, The Virginia Watchdog, boasts a list of public records containing Social Security numbers belonging to well-known figures — including former Florida Gov. Jeb Bush and former Texas Congressman Tom Delay — that she accessed from county sites. She also contacts people whose data she finds and asks them to put pressure on officials to take down the records. In just the last week, she persuaded the secretaries of state in Colorado and Arizona to break links to certain commercial documents and tax liens on their sites that contained personal information. Sometimes her efforts don’t work — as in the case of Galvin, who said that online access to the documents is vital for business. Ostergren talked about how a campaign that began with an attempt to keep her own records offline in Hanover County, Va., has grown into a nationwide mission.

Excerpts from the interview follow:

What is the status in Virginia today? How many counties are still making unredacted public records available online?

As of today in Virginia, we have 59 circuit court clerks who have certified to the state compensation board that they have online remote access to these records. There are 62, however, who are not — and my county is one of them. Those records that they have online in this state are deeds, mortgages, estate details, list of heirs of a deceased person, final divorce decrees with children’s names, tax liens, power of attorney, name change documents and others. A lot of these records have Social Security numbers on them.

Are there many counties around the country doing this?

Yes there are. It’s stupid, it’s reckless and it’s dangerous. You got people who are cops, FBI agents, Secret Service, the CIA, judges, doctors, abused single women, elderly women — and here you are putting all their information right out there on the Internet, just because they’re public records. Here’s a thought: If somebody wants to see a public record, why don’t they get in their car and drive down to the courthouse or the secretary of state’s office? Don’t be spoon-feeding criminals with stuff on the Internet.

County clerks say all they are doing is making the same public records that are available in the courthouse available on the Internet. They say businesses need these records. What’s wrong with that?

Yeah, but they have Social Security numbers in them. I have driven down to Miami-Dade County in Florida and tried to get Gov. Jeb Bush and his wife’s Social Security number off a deed at the courthouse, but it wasn’t possible. But I sat here at my computer in Hanover County, Va., and got it. Sure, these are open records at the courthouse, as well they should be. But when we first started putting our records in these courthouses however many hundreds of years ago, it was for safekeeping and for different legal purposes. But with the advent of the Internet, everybody wants to put all this crap online with all this personal information, and I just think that it’s dead wrong.

So who really is accessing all of this data?

Absolutely anybody and everybody can access it. People from outside this country are into these sites and so are people from within this country. Maybe it’s your neighbor down the street. A site like the Colorado secretary of state’s is free and open. Anybody can just simply sign up and get a password and in a minute you can get right in. [The site has temporarily blocked online access to some records as a result of Ostergren’s complaints.] If I want to, I can use a fake name and a fake e-mail account. No one knows who’s signing up or who’s accessing the records.

But some states and counties require you to pay for these records, don’t they?

A subscription is no protection. In Virginia, for US$25 you can sign up to access Fairfax County, home of Supreme Court justices, home of the FBI, the CIA, Pentagon officials. You have to sign up, you have to give your name and your address and a notarized signature. But big deal. Seven hijackers (involved in the 9/11 attacks) got their fake Virginia drivers license based on a fake notary. So who’s to know what’s real? You could give them a cell phone number and who’s to know that it is not really in India or in Timbuktu? I send in $25 and I get a password and a username back in three days or so and then I’m in there sitting on 33 million records and about 5 million Social Security numbers. What’s to stop me from having everyone in my neighborhood come to my house and use my computer? How is the clerk of the court in Fairfax County going to know who is sitting at my chair in front of my computer? That’s where you lose control of those records. There are people downloading them by the gazillions. I’m not saying that public records should not be open. I am saying they should not be available online.

What are states doing about it?

There are some states like Florida that passed a law giving clerks and recorders until Jan. 1, 2008, to get Social Security numbers offline. If a person found out that their Social Security number was online, they can put in a written request and have it removed. In December 2005, North Carolina passed a law allowing citizens to remove their Social Security numbers and a couple of other things like driver’s license numbers from online records. A person can put in a written request to have their personal information removed. What’s the problem with that? Well, it puts the burden on the citizens, and most of them don’t even know this little scheme is going on until they get a phone call from me.

What’s your advice to people on this issue?

I believe one person can make a difference. I have woken people up. I always hear from people and they are always thanking me for what I am doing. And I say, ‘Don’t just thank me. Spread the word. Do something to help me.’ When I die, somebody has to give me credit for what I’ve done.

COMMENT ON THIS ARTICLE

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now