The Privacy BlogPrivacy, Security, Cryptography, and Anonymity



How genealogy data can lead to identity theft


Irish Data Protection Commissioner Billy Hawkes has stepped in to have a database of civil registration records removed from the website The problem is that the database contains information on living persons which is often used for identity verification.

That would include things like mother’s maiden name and birth date. While these are public records, previously they had required payment of a fee, and it was not easily searchable on-line.

Of course, in the era of social media, these kinds of authenticators should have been disposed of long ago. Too many of them can be easily discovered by looking through Facebook accounts and the like.

This case also highlights the troubling nature of public records. In the past records were public in the sense that anyone could go to a government building and access the paper records. They could not be easily be searched as a whole, and the entirety of the records pulled into a private database. This is a kind of security by obscurity, but a useful one. With Internet records, many people are not comfortable with just how public much of this information is. The old inconvenience placed a low but real barrier to data access, effectively insuring that it was only done for specific people and for specific purposes. It is not at all clear how to get that without loosing all the advantages of Internet accessibility.

Personal details removed from site over ‘identity theft’ concerns

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

· ·


  • Marshall · July 21, 2014 at 1:55 pm

    > The old inconvenience placed a low but real barrier to data access, effectively
    > insuring that it was only done for specific people and for specific purposes

    The old inconvenience lead directly to businesses paying people to do data entry, compiling databases of “public information”, which they then sold.


    • Author comment by Lance Cottrell · July 21, 2014 at 3:03 pm

      Absolutely true. That makes for a very uneven playing surface. Don’t get me wrong, I am not advocating for the old system, just saying that there are some impacts from the automation and ease of access.


  • George · July 23, 2014 at 4:00 am

    I live in a small village. Not only is this public information, it is publicly known information. Using this type of information for authentication is the problem. Even a national insurance or social security number is at best an identifier, not an authenicator. The horse is out of the barn, instead use a motorcar.


  • Richard · November 30, 2016 at 2:08 pm

    It’s scary how much information about you is publicly available. I searched my full name in Google the other day just to see what would pop up. Low and behold, there is my full name, address, wife’s name, year married, etc… in plain sight! Not only that, but the site has a service where they provide additional details about me (or anyone for that matter) for a small fee of $14.95. That’s insane. Welcome to 2016


Leave a Reply