It would seem that the answer to the question in the title of this blog should be a resounding: Yes. But why would I be asking this question at all? There was an interesting exchange in a class at the BYU Family History Library. It was reported to me, that in a class that discussed the 1940 U.S. Census, one of the attendees expresses the fact that she was appalled the the Census contained information about herself and her parents with their names and all. She also went on to complain about the fact that obituaries were being added to the online databases especially one containing information on the death of her parents and with her own name and that of her husband. In other words, the publishing of information in a now 76 year old U.S. Census and in an obituary that was authorized by the family and intentionally published in a public newspaper could somehow be a threat to her or a breach of her right to privacy.
Now, whether or not this actually happened is immaterial to the issue of breach of privacy. First of all, dead people have no right of privacy at all. But in some extraordinary cases the courts have acknowledged that survivors who are family members may have a some rights with respect to photographs of the dead person. See Calvert, Clay, "A Familial Privacy Right Over Death Images:Critiquing the Internet-Propelled Emergenceof a Nascent Constitutional Right thatPreserves Happy Memories and Emotions" Hastings Constitutional Law Quarterly, Vol. 40:3, Spring 2013 which states:
In May 2012, the United States Court of Appeals for the Ninth Circuit broke new constitutional ground in Marsh v. County of San Diego when it became the first court at any level to hold that a federal right to privacy, rooted in the word “liberty” within the Due Process Clause of the Fourteenth Amendment, encompasses “the power to control images of a dead family member.The ruling however, should be considered dicta, for the simple reason that the decision of the court went against the mother's claim. See Marsh v. County of San Diego, 680 F.3d 1148 (9th Cir. 2012). The legal term "dicta" is applied to gratuitous court rulings which are not dispositive of the issues in the case in chief. Since the issue expounded by the court did not decide the case, the extra opinion of the court are not res judicata (legally binding) as to any subsequent case raising the same or similar issues. For a more complete review that is contrary to my own opinions on the subject, see Siddiqui, Mahira, "Narrowly Restricting "Clearly Established" Civil Liberties: The Constitutional Ramifications of a Family Member 's [Under] Protected Federal Privacy Rights in the Dissemination of Postmortem Images in Marsh v. County of San Diego." Golden Gate University Law Review, Volume 44, Issue 1 Ninth Circuit Survey, April 2014.
It is said that difficult cases make bad law and this is an example of that principle in action. What is in consideration here is a slippery slope of possible decisions allowing the living to control the "privacy" of the dead.
Moving on to another issue, considering the class attendee's objection to the appearance of her name in an obituary, it is further that the fact that the permission given by the family to publish an obituary especially when they paid for the publication, would very likely be an absolute defense against any possible claim against either the newspaper or against an online database that happened to include the newspaper in a collection.
But the issue here is more serious. Some of the online genealogical repositories are taking these objections seriously and redacting (blocking out) the names of people who appear in obituaries and who object for trivial reasons. In an extension of this faulty line of reasoning, can genealogists be liable for some breach of privacy if they publish a book containing genealogical data, perhaps disclosing relationships and parentage that some would not like to have disclosed about either living or dead people? Are we facing a future where no mention of a living person will be allowed?
An alternate question is can we continue to function as genealogists if we become completely mired in a wave of "privacy" issues caused by gross and complete ignorance of any substantial legal issues? Have we become so fearful about the bogey of "identity theft" that we are going to sacrifice our cultural and ancestral heritage for an illusion of security? We have seen valuable genealogical tools such as the U.S. Social Security Death Index or SSDI successfully limited through attacks arguing privacy.
From a legal standpoint (and is there any other valid consideration here?) privacy is the proverbial "can of worms." Presently, under the guise of "privacy" my wife cannot even obtain information about our bank accounts, my health status or a myriad of other vital issues without my express and repeated permission. Every time I go to a doctor's office, I have to sign a lengthy disclosure document that basically allows the doctor to avoid a lawsuit by asking me why I came to his office and treating me for my complaint. Likewise, I have been denied access to my own bank accounts by overzealous bank employees who asserted I did not have a right to view my own accounts because of privacy restrictions.
Now, I am at a crossroads with this particular post. I could go on and show, as I have many times in the past, that "identity theft" is a bugaboo of no actual substance or I could go on to present a detailed legal history of privacy. If I choose either of these paths, you will probably stop reading this post, assuming of course, that you have gotten this far. Instead of either course, I suggest that you start investigating this issue for yourself and stop reacting irrationally and emotionally to issues you do not understand. Here is a good place to start with an article from the Pew Research Center, entitled, "Americans feel the tensions between privacy and security concerns."
But here some questions to send you on your way. What is identity theft? Is there a commonly accepted legal definition for "identity theft?" Here is a short statement from The United States Department of Justice webpage on Identity Theft.
What Are Identity Theft and Identity Fraud?
"But he that filches from me my good name/Robs me of that which not enriches him/And makes me poor indeed."
- Shakespeare, Othello, act iii. Sc. 3.
The short answer is that identity theft is a crime. Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain.This statement contains a contradiction. It identifies "identity theft" as a crime and then goes on to explain that it is really a general term used to "refer to all types of crime..." Here is a summary of the various crimes included from later on in the same article.
The Department of Justice prosecutes cases of identity theft and fraud under a variety of federal statutes. In the fall of 1998, for example, Congress passed the Identity Theft and Assumption Deterrence Act . This legislation created a new offense of identity theft, which prohibits "knowingly transfer[ring] or us[ing], without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law."
18 U.S.C. § 1028(a)(7). This offense, in most circumstances, carries a maximum term of 15 years' imprisonment, a fine, and criminal forfeiture of any personal property used or intended to be used to commit the offense.
Schemes to commit identity theft or fraud may also involve violations of other statutes such as identification fraud (18 U.S.C. § 1028), credit card fraud (18 U.S.C. § 1029), computer fraud (18 U.S.C. § 1030), mail fraud (18 U.S.C. § 1341), wire fraud (18 U.S.C. § 1343), or financial institution fraud (18 U.S.C. § 1344). Each of these federal offenses are felonies that carry substantial penalties  in some cases, as high as 30 years' imprisonment, fines, and criminal forfeiture.Despite this explanation, the federal Office of Justice Programs, Bureau of Justice Statistics uses the following definition of identity theft:
For the National Crime Victimization Survey (NCVS), the definition of identity theft includes three general types of incidents:Unlike other "crimes" the incidence of identity theft are based on complaints from "victims" rather than actual crime statistics such as arrests and convictions. If you want to know exactly what is meant by "identity theft" and that it has nothing at all to do with U.S. Census records or obituaries or anything else genealogical, read the Bureau of Justice Statistics, Victims of Identity Theft, 2014. Here is an opening quote:
- unauthorized use or attempted use of an existing account
- unauthorized use or attempted use of personal information to open a new account
- misuse of personal information for a fraudulent purpose.
An estimated 17.6 million Americans—about 7% of U.S. residents age 16 or older—were victims of identity theft in 2014. Most victims (86%) experienced the misuse of an existing credit card or bank account. About 4% of victims had their personal information activity stolen and used to open a new account or for other fraudulent activity. Some victims (7%) experienced multiple types of identity theft during the most recent incident. These findings were similar to those published in 2012.When the U.S. Federal Government is talking about identity theft, they are talking about credit cards and bank accounts. It would be nice if the banks would stop using my mother's maiden name or my grandfather's given name as security questions, but other than that genealogy has very, very little to do with identity theft.
A typical mess of definitions and scope. In the Office of Justice Programs, Bureau of Justice Statistics definition, are they specifically talking about accounts with financial institutions (incl. but not limited to banks), James? Many non-financial account types would permit an "identity thief" to wreak havoc, or cause considerable damage to a person's assets or reputation, but is the mere access to someone else's account deemed to be a crime? Where is the line drawn? If someone hacked into, say, your FB account, is that a crime on its own, or does it depend on what they do there? In real-life, impersonating a police officer would obviously be a crime, but what about pretending to be your next-door neighbour? At what point does the impersonation become criminal?
ReplyDeleteThe main problem is that what is defined as identity theft by the government and then communicated to the general population does not convey an accurate assessment of the real threat or problem. Thanks for your comment.
Delete