Language Selection

English French German Italian Portuguese Spanish

Dealing with identity theft

Filed under
Security

The campaign to stamp out identity theft may claim some unexpected victims -- the nation's private investigators.

Modern PIs do a lot of their work with computers, using commercial databases to obtain Social Security numbers. These can be used to help track down missing persons or locate witnesses to a crime. But investigators say that in the aftermath of recent identity theft scandals, database companies are cracking down in ways that make it harder for them to do their work. And they worry that proposed federal legislation will make matters worse.

''It's like throwing the baby out with the bath water," said Bruce Hulme, chairman of the legislative committee of the National Council of Investigation and Security Services in Baltimore. The group is lobbying Congress to prevent passage of a bill introduced in April by Representative Clay Shaw of Florida, a Republican, which would tighten restrictions on the sale of Social Security numbers.

Hulme said that many of his members rely on Social Security numbers, and that without full access to them, they'll lose their ability to crack cases. Investigators are also worried about a similar bill introduced last month by Republican US Senator Arlen Specter of Pennsylvania and Democratic Senator Patrick Leahy of Vermont.

No action has been taken on the Specter-Leahy bill. But Gail Gitcho, a spokeswoman for Shaw, said his legislation had been substantially modified from the version first introduced last year, and will now place fewer restrictions on private detectives. For example, the bill would allow the US attorney general to issue regulations granting the investigators access to Social Security numbers. But Hulme and others want a specific ''carve-out" in the language of the bill, allowing database companies to sell detailed personal information to licensed private investigators.

Even if these bills are defeated or modified to ease the detectives' concerns, they'll still face tougher restrictions imposed by the database companies themselves. Firms like LexisNexis and ChoicePoint Inc. hold detailed files on millions of Americans, which they sell to businesses, government agencies, journalists and private investigators.

But these companies have been hit hard by reports that their records have been misplaced or stolen. In February, ChoicePoint admitted that criminals posing as legitimate business people had purchased files on about 140,000 people, some of whom were later defrauded. In March, LexisNexis revealed that someone with a stolen account password had swiped the files of about 310,000 people.

John Buckley, president of the Licensed Private Detectives Association of Massachusetts, said people in the PI business weren't surprised by the problems at LexisNexis and ChoicePoint. ''It's ridiculous how they've been giving this information to everybody," he said. ''We've always been concerned about it."

But after the recent thefts, database companies have begun to crack down. For example, last year LexisNexis bought Seisint, a Florida database firm popular with private eyes because it sold personal data including Social Security numbers. Soon after the Seisint acquisition, the data thieves struck.

Now LexisNexis has modified its service. Its database listings include names, addresses and phone numbers, but the last four digits of each Social Security number are deleted. LexisNexis does provide more detailed information to law enforcement agencies and financial services firms investigating fraud. But it will no longer provide full Social Security numbers and driver's license numbers to private investigators. ChoicePoint has adopted a similar policy.

''We're under a lot of pressure to minimize the availability of Social Security numbers," said LexisNexis spokeswoman Mary Dale Walters. Marco Piovesan, vice president of business services at ChoicePoint, said that his company has discussed the issue with private investigators, but has decided not to sell them Social Security numbers. ''We restrict that information to a large number of business types, including the PI group," Piovesan said.

Detectives like Buckley say that truncated Social Security numbers aren't enough to provide positive identification of missing persons, especially when they're trying to locate someone with a common name, like Bob Jones or John Smith.

But not all detectives share Buckley's concern. Kroll Associates, one of the world's largest investigation firms, uses Social Security numbers to identify their investigative targets. But Kroll's executive managing director, Dan Karson, said that his investigators should be able to find Social Security numbers even if the big database firms clam up.

''For most of the population, I don't think you'd need these databases to get SS numbers," Karson said, noting that the numbers for millions of Americans can be found by scrutinizing freely accessible public records.

Longtime Boston private eye Gil Lewis prefers to find people using courthouse records, data on previous employers, and places of residence. Lewis said that he never uses Social Security numbers in his work. ''If a guy doesn't want to be found, he's not going to use his Social Security number," Lewis said.

Indeed, he said that when he tried Social Security number searches, he has found the same number being used by four or five people, making it useless as an identifier. ''I don't care if they do away with every SS number in the world," Lewis said.

No matter how much a person might try to hide, he'll still find work, make friends and spend money. In the process, said Lewis, he'll leave a trail that a skilled investigator can track. ''You really can't hide for very long," Lewis said. ''If you've got the time and money to pursue somebody, you can find anybody."

But Hulme said that easy access to Social Security numbers, drivers license numbers and other personal data are vital for private investigators working to establish the innocence of a defendant in a criminal case. He said that police will continue to have full access to the data, enabling them to quickly track down witnesses for the prosecution.

''If it all gets tied up," said Hulme, ''only police organizations will have access to this information, and the defense will not." He said that this could put defense attorneys and their clients at a serious disadvantage.

That means that detectives may have to get used to finding people the old-fashioned way, a prospect that doesn't bother Lewis. ''You just have to be imaginative." he said. ''If you find a closed door, you find another door."

By Hiawatha Bray
The Boston Globe

More in Tux Machines

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.

Red Hat Hires a Blind Software Engineer to Improve Accessibility on Linux Desktop

Accessibility on a Linux desktop is not one of the strongest points to highlight. However, GNOME, one of the best desktop environments, has managed to do better comparatively (I think). In a blog post by Christian Fredrik Schaller (Director for Desktop/Graphics, Red Hat), he mentions that they are making serious efforts to improve accessibility. Starting with Red Hat hiring Lukas Tyrychtr, who is a blind software engineer to lead the effort in improving Red Hat Enterprise Linux, and Fedora Workstation in terms of accessibility. Read more

Today in Techrights

Android Leftovers