FGS Webinar — The Open Death Records Initiative

Register: https://attendee.gotowebinar.com/register/3104286747020159747

Updated 20 July 2017:

At the present time, GoToWebinar does not officially support sharing videos.  As mentioned during the Webinar, two videos  intended for  sharing during this presentation were to  be made available at this RPAC Blog.

(1)  Social Security Administration Commissioner Astrue’s testimony before the February 2012 of the Social Security Subcommittee of the House Ways and Means Committee:

(2) Duckling Rescue:  I hope to convert this file into a type that Word Press will allow but cannot add it at this time.  I fervently hope I can do so in the near future.  Further Updated 22 July 2017 — Attempted —  still working —

Updated 5 August 2017 — With help from real experts, now appears to be working.

(3) Also wish to attach the one page description of our outreach to the Vital Records Community:  VRRegistrars Rev April 2

Share Button

Time to Support the National Archives and Library of Congress

With thanks to Jan Alpert and Barbara Mathews.

On May 22, 2017, President Trump released more details about his proposed Fiscal Year 2018 budget. Overall there were cuts to many of the programs that genealogists regularly use. The National Archives and Records Administration (NARA) is targeted for a $16.6 million reduction in addition to the elimination of the National Historical Publications and Records Commission (NHPRC), an archival grant making arm of the National Archives which provides local and state funding in the preservation of essential historical materials making them more accessible to the public. Since 1964 NHPRC has provided grants to every state and you can view a detailed list for the last thirty years at https://www.archives.gov/nhprc/projects/states-territories. When the NARA budget is cut the hours at the Washington D.C., College Park, Maryland, and Regional Archives are usually reduced. As staff cuts are made to meet the budget, our fees are often increased and the delivery time is extended for document requests. Genealogists are the largest customer base of the National Archives. If we don’t support NARA, who will?

The Library of Congress is slated to receive a $56 million increase in the FY 2018 proposed Trump budget. In addition to the library being a world-class research facility, genealogists also are benefitting from Chronicling America which is digitizing early American newspapers from 1836 to 1922 and digitizing the Sanborn Fire Insurance Maps of cities across the United States which have survived. If your state newspapers are being digitized, it is likely in partnership with the Library of Congress. The budget negotiations will continue for months, so although the Library of Congress is well positioned in the Trump proposed budget, funding could be reduced before the final budget is approved. Let’s not take that chance.

As genealogists, we need to support the funding of projects which provide digitization and online access to historical documents. We have the most impact if we write our Congressional Representatives. On the RPAC website http://www.fgs.org/rpac we have provided a copy of this article with links to sample letters you can send in support of NARA, NHPRC, and/or the Library of Congress. With each sample letter we have provided a chart showing the actual FY 2016 and FY 2017 funding in comparison to the proposed FY 2018 budget.

SampleLettertoCongressFY18NARA+NHPRC (002) SampleLetterFY18LOCChronAmerSanborn (002)



Share Button

DMF — How Did The Congress Get So Far Off Track?

It may be that Groucho Marx said it best:

“Politics is the art of looking for trouble,

finding it everywhere,

diagnosing it incorrectly,

and applying the wrong remedies.”

Trouble surrounding the proper role of the Social Security Administration’s Death Master File (DMF) pointedly came to Congressional attention in 2011 in several contexts:

(1) Included in a surge of fraudulent tax returns claiming refunds filed with the IRS by identity thieves were some using the identities of recent deceased children;

(2)  The Office of Personnel Management continued to make improper retired pay payments after the former government employee was deceased,

(3) The City of Syracuse continued to make medical insurance premium benefit payments  after the retired former employee had died and even after the office administering their retired pay distributions had terminated those payments when the deceased individual appeared in the DMF.

What did all of these transactions have in common?  They all involved instances in which the DMF could and should have been used to flag suspicious transactions involving deceased individuals BUT THEY WERE NOT!

The misdiagnosis:  In stead, the problem was said to be that the personally identifying information of deceased individuals was widely available on the internet.   This approach fails to recognize that the use of the DMF should have been encouraged rather than made more difficult by clearly legitimate historical Users.

The Congressional Remedy (as reflected in Section 203 of the Bipartisan Budget Act of 2013):  Limit access to and the content of the SSA’s DMF, impose significant costs increases even on those certified for access, impose significant penalties upon those using the data outside the scope of the certification program, as well as many other administrative and technical burdens.  And thus the logical flaw previously described at http://www.fgs.org/rpac/2016/11/12/closing-death-records-the-logical-flaw/ was codified.

How did the Congress get it so wrong?  One explanation is found in a speech found in the Congressional Record offered by Senator Orin Hatch  at page S8891 as the Bipartisan Budget Act was considered by the Senate on December 17, 2013:

     “Mr. President, it is becoming far too common for important legislation to bypass committees of jurisdiction and for it to be written by legislators who do not necessarily have the depth of knowledge and expertise necessary to avoid writing laws that either do not work or contain glitches, ambiguities, and confusing language.  In my opinion, we need to return to regular order where committees of jurisdiction are the places where issues in their jurisdiction are debated, processed, and agreed upon in a bipartisan fashion.  Certainly, committees of jurisdiction must be consulted when others decide to write legislation that involves issues that lie squarely within their jurisdictions.  That will be the surest route to preventing a reoccurrence of the ambiguity and confusion that has, unfortunately, arisen from the Death Master File provision of the budget agreement.” 

 Unfortunately, because the provisions of Section 203 were adopted outside of regular order it  did not reflect how much circumstances in 2013 had changed since 2011. In particular, no acknowledgement of the effectiveness of far less disruptive measures taken by the IRS (actually using the DMF as a filter to intercept fraudulent returns) by 2013 was already identifying most of those cases in which the thief could have gotten the SSN from the DMF.  Nor did these provisions demonstrate an awareness of the myriad legitimate uses which the DMF was serving.  The extent to which this represents a departure from sound legislative process has been the recent subject of an analysis by Professor Irene Scharf, University of Massachusetts School of Law.[1]

Some of the costs of inappropriately closing the DMF are  described at http://www.fgs.org/rpac/2016/11/28/death-master-file-the-final-rule-28-nov-2016/.

Surely we can do better!

[1] Scharf, Irene (2016) “The Problem of Appropriations Riders: The Bipartisan Budget Bill of 2013 as a Case Study,”Mitchell Hamline Law Review: Vol. 42: Iss. 2, Article 9.

Available at: http://open.mitchellhamline.edu/mhlr/vol42/iss2/9


Share Button

Death Master File — The Final Rule– 28 Nov 2016

Today is the effective date for the Final Rule implementing the statutory mandate found in Section 203 of the Bipartisan Budget Act of 2013 directing the Secretary of Commerce to develop a certification program limiting access to and the content of the Social Security Administration’s Death Master File.

To get to this point this project has required very nearly a full three year effort since the passage of this act in December of 2013.

I wish to start by thanking the National Technical Information Service (NTIS) of the Department of Commerce for the exemplary manner in which they have sought to craft regulations implementing their statutory mandate, for conducting the most rigorous review of the legitimate uses of the Death Master File (DMF) conducted thus far, and for providing stakeholders a forum in which to describe the impact of and offer suggestions to improve various approaches that could be taken.  Originally published in the Federal Register on the 1st of June, 2016 at 81 Fed. Reg. 34891, the pdf file of the regulation is found at:  https://www.gpo.gov/fdsys/pkg/FR-2016-06-01/pdf/2016-12479.pdf . They have provided a commendable demonstration of what a robust notice and comment process looks like, an example truly worthy of emulation.

NTIS acknowledges numerous suggestions found in the submissions made by over sixty legitimate historical users of the DMF but found themselves limited by the requirement that they implement the statute as written. Virtually all suggestions for improving the DMF or minimizing the adverse impact upon legitimate users had to be rejected because the statutory language left the Secretary of Commerce little discretion to do otherwise.  Contributor’s comments were made a part of the record found at:  https://www.regulations.gov/docketBrowser?rpp=25&po=25&dct=PS&D=DOC-2014-0001

Would that an opportunity to provide the user community an opportunity to provide input had been provided before the statutory language was carved in stone!  Although the rationale provided to support limiting access to the DMF was the prevention of identity theft, these measures may well make us even more vulnerable.

Legislators should be assured that the genealogical community is prepared to be supportive of measures which actually protect us from identity theft. We fervently wish that we could believe that the measures mandated by Section 203 of the Bipartisan Budget Act of 2013 limiting access and content of the Social Security Administration’s Death Master File would have that effect. Our analysis has suggested otherwise.

What is the documented impact?

  1. Clearly many legitimate historical users of the DMF are simply denied access to this resource (including medical and economic researchers.)
  2. The cost and burden on those authorized access to the Limited Access DMF has been significantly increased. A good example of the advice counsel are now having to give to their clients seeking to use the DMF is found at:  http://www.jdsupra.com/legalnews/cybersecurity-certifications-now-48385/
  3. Some certified users find that the Limited Access DMF no longer serves their needs because of questionable redactions of data elements and limitations in functionality found in the available search engines.
  4. When combined with the decision made in 2011 to redact some state provided data from the publically available DMF, we may be under-reporting up to one million deaths per year, thus further undermining the comprehensiveness of the DMF of the future.
  5. Once the IRS started actually using the DMF in December of 2011 to flag suspicious tax refund claims, they were already intercepting any fraudulent returns the thieves could have facilitated by misusing the DMF without burdening legitimate users.


I have long asserted that this Certification program does not belong in permanent legislation. https://www.regulations.gov/document?D=DOC-2014-0001-0093 .

As the right lessons are learned from this effort, let us hope that legislators chose to revisit the issue of whether this represents an enduring solution to the issues surrounding the proper role and future of death records such as the Death Master File.

Surely we can do better!

Share Button

Closing Death Records — The Logical Flaw

One of the misperceptions with which we have repeatedly had to wrestle in recent years has been that ALL Personally Identifiable Information (PII) by default must be safeguarded.  For many legislators in recent years, it is almost a reflexive belief that the best or only way to fight identify thieves is to close the records that thieves might have used.  At this level of thinking, rarely do current decision-makers distinguish between the active PII of the living from records of deceased individuals.  It is this flawed logic that was given as the rationale for the provisions of Section 203 of the Bipartisan Budget Act of 2013 limiting access to and the content of the SSA’s Death Master File.

May I suggest that death changes many things!

Ironically, some of the best examples of the impact of passing this milestone flow from that experienced by living individuals erroneously reported as deceased.  http://www.denverpost.com/2016/11/06/what-happens-when-social-security-accidentally-declares-you-dead/


The lesson: The personally identifiable information of persons “known” to be dead  (even if erroneously so) loses its value, thus thwarting its abuse by identify thieves!

My thesis is that, until recently, as a society we recognized the distinction between active  personally identifiable information and the records of deceased individuals.

The European Union still does.  Although RPAC has railed against many provisions of the European Union’s Data Protection Regulations (e.g. –“Right to be Forgotten”), I just note that the European Union Data Protection Regulations specifically recognize this distinction and even goes so far as to declare that “(27)  This regulation does not apply to the personal data of deceased persons.”  http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L:2016:119:FULL&from=EN  See page 5. (With thanks to Jan Meisels Allen for highlighting this and related references.)

I am recalling another of our colleagues sharing a discussion he once had with a physician during which the doctor declared the then widely held belief that “The Deceased do not have  privacy rights!”

Because of the way in which US privacy law has evolved, it is more difficult to find as specific a provision in either federal or state statutes.  An excellent discussion of the contrast between the European Union approach to a comprehensive privacy statute and implementing regulations and the path followed in the United States is found at:  http://www.genomicslawreport.com/index.php/2015/09/01/how-privacy-law-affects-medical-and-scientific-research/.

Drawing largely upon case law instead of statutory language, the usual source for this concept is Section 652I of the Restatement of Torts: “Except for the appropriation of one’s name or likeness, an action for invasion of privacy can be maintained only by a living individual whose privacy is invaded.” [3 Restatement Torts, 2d, § 652I, p 403. Emphasis added.] (With thanks to Judy Russell for providing this citation).

The Supreme Court of Michigan cites to this Restatement provision in ruling that the Medical Examiner’s autopsy report  documenting that the death of a prominent judge was  a suicide and should be made available to a journalist in response to a Freedom of Information Act Request.  The opinion of the court, separate opinion and dissenting opinion provide an extensive discussion of various approaches to this situation and the basis for their ruling:  http://law.justia.com/cases/michigan/supreme-court/1991/89602-5.html .

My assessment is that the operative current paradigm fails to distinguish between the essentially different character of active personally identifying information from that of the deceased.  As long as this illogic survives, there is little chance that the utility previously afforded to genealogists and other legitimate historical users of the SSA’s Death Master File can be restored, or that we will have appropriate access to its possible successors.   Unfortunately, this same logical flaw burdens access to fact of death information found in the vital records of many of the fifty states, five territories and two independent cities making up the vital records community of the United States.

In coming months I anticipate that several opportunities to influence the path forward to an enduring solution may present themselves although rarely accompanied by an invitation to the genealogical community to do so.

The need for a major educational effort on the part of the genealogical community and other legitimate historical users of the Death Master File is clear.

Stay tuned for further suggestions on how best to bring about this much needed paradigm shift.

Share Button

Closing Death Records Is Just Dead Wrong!

The threat of Identity Theft has prompted over a thousand legislative proposals at the Federal, state or local level in recent years impacting access to vital records.  The vast majority of these proposals have had the effect of limiting that access for genealogical and other purposes. The rationale used to justify most of these measures suggests an almost reflexive belief that the best or only way to prevent the fraudulent use of such data by identity thieves is to close the records thieves might have used. This logic carries with it the unstated assumption that no harm or costs result from closing such records.


The most dramatic example of this paradigm at the Federal level is found in those provisions in Section 203 of the Bipartisan Budget Act of 2013 limiting access to and the content of the Social Security Administration’s Death Master File. The context prompting these provisions arose in 2011 from particularly egregious cases of tax fraud by identity theft involving recently deceased children.  Early House and Senate hearings highlighting these horror stories involved a narrative which injected additional elements to the paradigm.

What your legislators have heard can be summarized as follows:

  1. The DMF/SSDI was a substantial source of SSNs used in filing fraudulent tax returns.
  2. SSNs of deceased individuals need to be protected in the same ways we safeguard those of the living.
  3. Simple fix (Silver Bullet?) – Just limit access to DMF
  4. Unstated assumption:  Nothing would be lost by closing this resource.
  5. Unspecified Assertion:  Alternative sources exist for DMF data.

In fairness, when these issues surfaced in 2011, data needed to understand the nature and magnitude of the identity theft and erroneous payments then making headlines was not available and would not become available for some time.  Initial speculation reflected above became the paradigm upon which legislative responses would be based.

The adoption of Section 203 has presented a unique opportunity to gather data exploring the effectiveness of alternative measures intended to fight identity theft. The most optimistic among us might even suggest that those proposing to close death records at the Federal level may have done us a favor by creating this opportunity to subject this issue to analysis using real data that has subsequently become available rather than acting upon ill-informed speculation. The robust notice and comment process employed by the Department of Commerce in implementing their statutory mandate has provided a forum for gathering actual impact information.

Many of the posts to this blog for the past year have reflected conclusions supported by the data (especially that drawn from the IRS experience) that normally requires well over a year to work its way through their processes.

As that data has become available, what can we conclude?



Share Button

RPAC at FGS Springfield 2016

The Federation of Genealogical Societies is celebrating its 40th Anniversary as a featured theme at its Annual Conference this week in Springfield, Illinois.  On this occasion, the Records Preservation and Access Committee is presenting a workshop session entitled “Striking a Balance Between Records Access and Privacy”  Thursday Afternoon the 1st of September at 3:30pm CDT in Room B1 of the Springfield Conference Center.

As genealogists we want access to all our ancestors’ records but as individuals we want information about ourselves to remain private.  Should the records of the living all be protected and the records of the deceased all be available?  At this session we will discuss many examples of records which are closed to access and other open records which may be closed in the future.

The syllabus for this session is found at:  RPAC at FGS Springfield 2016

The PowerPoint slides for this session will be posted to the Publications page of this Blog the morning of the session.


Share Button

RPAC at RootsTech 2016

The RootsTech 2016 Conference held last month in Salt Lake City has grown in the last six years to become the largest family history themed gathering in the United States, if not the world.  Although I have not seen the final “official” attendance numbers, the last number I recall hearing was in excess of 24,000.

The Records Preservation and Access Committee announced  the launch of the Records Advocate Blog on this occasion, a resource designed to alert subscribers of state, federal and international access issues throughout the year which may impact our family history research.  This and other pending topics were described in the attached flyer distributed at the FGS and IAJGS Booths in the Exhibit Hall and on other occasions.  RootsTech 2016 RPAC Flyer (002)

I was also privileged to deliver a presentation entitled “Closing Death Records: ‘Silver Bullet’ or Dead End?”  Among the more pleasant surprises coming out of RootsTech was that the rehearsal for my Friday  presentation which was videotaped on Thursday was subsequently displayed with the same accessibility as if it had been planned as part of the RootsTech video schedule all along.  I intend to continue to polish this presentation highlighting the folly of “Closing Death Records” and to seek every available forum to share that message.  http://www.rootstech.org/video2/4739709016001

UPDATED LINK TO Video:  https://www.rootstech.org/videos/fred-moss

Share Button

Death Master File — Analysis — IRS Filters Really Work!

When presented graphically, the data reflected in the Charts quantifying the impact of the IRS Filters shared in the previous blog entry demonstrate patterns that are both clear and encouraging.  http://www.fgs.org/rpac/2016/01/08/death-master-file-impact-of-irs-filters-ty2010-ty2011-ty2012/

IRS Fraud $

Although scattered incidents of fraudulent tax returns involving identity theft were reported over a decade ago, their frequency and magnitude prior to 2010 could be said to fall within the noise level on the IRS radar.  The emphasis within the IRS and on Capital Hill was to expedite refund payments to the point that checks were being issued within days of electronic filing early in the filing season and well before the IRS would have received information returns that would be used months later to verify the accuracy of the data on the return justifying a significant refund.  Instead of taking steps designed to prevent improper payments, the IRS practice as 2011 began was to pay claimed refunds as quickly as possible and then chase the filer in a labor intensive effort to recover the fraudulent or otherwise improper payment.  http://www.gao.gov/products/GAO-15-482T

As stories began to make headlines during 2011 of thieves filing fraudulent tax refund claims abusing the SSNs of recently deceased children, the public was made to realize that the harm being perpetrated was no longer just a manageable drain on the Treasury.  The disruption and pain inflicted upon the grieving parents (the legitimate taxpayers) for them felt like losing their child all over again.  The IRS was prompted to revisit the wisdom of continuing the “pay and chase” approach to correcting improper payments to possible identity thieves.  Prevention of fraudulent payments became a new focus of their enforcement efforts.

The comparison between the TY 2010 and TY2011 experience confirms the assertion that the IRS enforcement policies changed in December of 2011 to institute practices intended to prevent improper payments by diverting suspicious returns for further scrutiny before they were processed for payment.  The first year impact of this change in policy was dramatic, especially where the SSN of a deceased individual had been abused.


IRS Fraud Cases

Note:  12 Jan 2016 — Please expect additional materials to be added to this blog post in the next few days developing the implications of the data that has only become available well after the issue first became the focus of Congressional attention.  The initial narrative surrounding the situation suggested that the problem lay with the ready public availability of deceased person’s SSNs in the DMF, and that a simple fix would result by limiting access to the DMF.  I continue to assert that the real problem rose from the incredible vulnerability of the IRS online filing system and, in their haste to expedite the payment of refunds, the failure of the IRS  during 2011 to use the DMF [ listing, as it does, the no-longer-active SSNs of deceased persons]  or other filters to flag suspicious returns.  The effectiveness of the post-December 2011 IRS enforcement efforts is praiseworthy.


Share Button

Death Master File — Impact of IRS Filters TY2010, TY2011, TY2012, TY2013

The issue of tax refund fraud by identity theft provides a unique opportunity to analyze significant data over a period of years in an effort to learn the right lessons about the phenomenon.  The sequence in which changes were made also makes it possible to assess the impact of different approaches to combating this crime.  The ongoing case study described in earlier Blog posts outlines a form that analysis might take.  http://www.fgs.org/rpac/2015/07/05/id360-closing-death-records-silver-bullet-or-detour-a-case-study/

Examining this essentially comparable  data from Tax Years 2010, 2011, and 2012 seems to validate my assertion that this approach helps to give us visibility over the effectiveness of the IRS efforts to combat tax refund fraud.  Recognizing that it may take over a year for a final determination to be made as to the validity of a tax return, we should anxiously pursue and evaluate the equivalent TY 2013 data at the earliest possible moment.   Meaningful information  may be gleaned from subsequent years as well.


I am reminded that it would have been TY 2010 transactions generating CY 2011 headlines and, thus,  TY 2010 data provides our best baseline against which to assess the impact of the evolving IRS use of filters to flag potentially fraudulent tax returns claiming inappropriate refunds.  Little, if any, fraud detection filtering was in place as TY 2010 returns were being processed with the primary emphasis being placed upon quick refund processing and payment.  In fact, refund checks were being written within days of receipt early in the filing season even before the IRS would have received information returns that would eventually be used to validate returns.  The Government Accountability Office has described this IRS business model  as a “Pay and Chase”  enforcement approach.  http://www.gao.gov/products/GAO-15-482T

Addendum 12 Jan 2016:  During this baseline period, and until the closure mandated by the Bipartisan Budget Act of 2013 took effect in March of 2014, DMF data was widely available from the official site at NTIS and elsewhere.  It should be noted, however, that in December of 2011 all of the major genealogical sites responded to the possibility that thieves might have gotten information used to file fraudulent tax returns from their resources by masking the display of deceased persons SSNs for a minimum of three years after their death.


If, as reported, the IRS began the use of fraud detection filters (likely including the Death Master File) in December 2011, we should not be surprised that TY 2011 data reflects a significant reduction in the number of undetected fraudulent returns involving the SSNs of deceased individuals.   In TY 2010,  the 104,950 deceased cases represented slightly over 7% of the total 1,492,215 potentially fraudulent tax refunds paid that year.  In TY 2011, the 19,102 deceased cases represented approximately 2% of the total 1,086,998 cases.  The pleasant surprise occurs when one considers the extent to which the IRS development of a series of filters, scoring algorithms and clustering methodologies over the last four years has improved the detection of identity theft returns involving the living, a far more difficult task.TIGTA TY2012

TY 2012 improved further with 12,338 deceased cases representing slightly over 1.5% of the total 787,343 cases determined to be potentially fraudulent.  The dollar amounts of the TY 2012 questionable refunds involving the SSNs of deceased individuals ($22,239,751) represented barely 1% of the $2,137,397,982 total.

These results are clearly consistent with the assertion that the IRS, once they began to develop filters to flag potentially fraudulent tax returns in December 2011, continued to expand and improve the events which would prompt additional scrutiny of a return before a refund check would be processed. That initial set of filters used in processing Tax Year 2011 returns using 11 filters was increased to more than 80 for Processing Year 2013 generating the further improvements seen in the Tax Year 2012 results above.

Updated 13 Oct 2017:  Added data for TY2013

A subsequent blog entry will provide further analysis of this information and explore the implications of these findings.









Share Button