Can a genealogy site display personal info without my permission?
March 31, 2010 1:37 PM   Subscribe

Is it legal for a random genealogy website to display my full name, birthdate and mother's maiden name without asking my permission?

I just received a Facebook email from someone with my last name. Said he was from "mylastname".org and wanted me to confirm my parents' names (including mother's maiden name) and my grandfather's name.

Annoyed, I went to the "mylastname".org website and was gobsmacked to see that this person / organization has information displayed on more than 55,000 people (including first, middle, last, and maiden names, full dates of birth, and mother's maiden name). Didn't have to sign in, use a password or anything. I'm 100% certain that I never provided this information to this person -- god only knows where they got it from in the first place.

I mean in the 21st century this is incredibly stupid, no? Beyond that, is it legal? It seems crazy to me that this is floating around out there without people's permission but perhaps I'm just being paranoid.
posted by anonymous to Law & Government (13 answers total)
all of that can be found through public records, i'm pretty sure.
posted by nadawi at 1:42 PM on March 31, 2010

I mean in the 21st century this is incredibly stupid, no?

It's not stupid that it is easy to get the information from birth certificates. The stupid thing is that people use the information from your birth certificate for authentication purposes.

Beyond that, is it legal?

Almost certainly yes.
posted by grouse at 1:44 PM on March 31, 2010 [9 favorites]

Reputable genealogy sites (MyHeritage, hide the details for living people, to avoid this issue.
posted by smackfu at 1:50 PM on March 31, 2010 [1 favorite]

For what it's worth, I have found this type of information posted about my family twice. Once was on a large genealogy site, and once was on someone's personal site. Both times, I sent a polite email asking them to remove the information, and both times they complied and it was removed within 24 hours.

I don't think these people mean any harm. To them, it's a hobby to collect names and such. I don't think they fully understand that some of us don't want our names collected, nor do they think of the full implications -- family secrets, etc., that they might be exposing, data like SSNs (yes, one of the sites had that) plus mother's maiden name that might be used wrongly, and so on.
posted by Houstonian at 1:50 PM on March 31, 2010 [3 favorites]

Sorry, but it is legal and part of the public record. The whole "mother's maiden name" identity test worked a lot better before the internet came along. Now, it is worthless.

I found out from my granddad that his relatives that came to America had such thick accents and the government official didn't have the patience to deal with a dirty foreigner coming to America to steal jobs so he gave them a bastardized name which was easy to spell and say. I give banks the correct "mother's maiden name" when I open accounts now so identity thieves finding my name in a google search will not have the right name. No one has ever questioned what I say my momma's maiden name is in an official capacity.

(stoneweaver: my birth certificate lists my mom's maiden name in addition to her married name so it saves a step)
posted by birdherder at 1:56 PM on March 31, 2010 [1 favorite]

Legal, yes, but bad genealogy etiquette. Most reputable sites hide the info on living people.
posted by hworth at 3:30 PM on March 31, 2010

Contact the owner of the web site and ask to have your name removed. Cannot hurt to ask.

Someone who knows your details undoubtedly posted them.
posted by yclipse at 3:32 PM on March 31, 2010

Most reputable sites hide the info on living people.

Indeed, standard genealogy software will do this automatically [e.g.]. You have to either enter the information online manually, or override defaults.

But with 55K names this doesn't sound much like genealogy to me. It sounds more like a scam of some kind, like selling you subdomains or e-mail addresses -- this was big a decade plus ago during the first domain name land rush. If you look at legit researchers on or wherever it's pretty unusual to have more than 500 people in a tree. Thousands and thousands suggests to me that it was all scraped from a database to begin with (like
posted by dhartung at 4:47 PM on March 31, 2010 [1 favorite]

I hope you didn't give them a credit card number, 'cause that site (and the email it sent you) sound hella phishy to me.

Speaking of which: contacting them will only verify that they have a "live" Facebook account and an email address they can spam, and that they have your correct first, last, and mother's maiden names.
posted by ErikaB at 4:57 PM on March 31, 2010

Yeah it sounds fishy; I'm not sure I'd contact them. You don't want to verify for them that, out of their 55000 names, yours is an actual person, probably with a bank account!

Others are absolutely correct though that your ire should be entirely directed at institutions who stubbornly persist in using publicly-available information like "mother's maiden name" for identity-verification purposes. That is what should not be happening in the 21st century.
posted by Kadin2048 at 6:23 PM on March 31, 2010

Most sites, like the newly-circulated, have a privacy page where they will let you request to have your info removed. Although, if I had gotten an email about it, I might be hesitant.
posted by IndigoRain at 10:49 PM on March 31, 2010

You need to look into PII laws. They differ in different states.
posted by about_time at 5:16 AM on April 1, 2010 [1 favorite]

One thing to keep in mind is it's OK to lie about your mother's maiden name when you set up accounts. They just want a bit of information that a stranger wouldn't be likely to know. As long as you can remember what you told them, the answer to that question can be pretty much anything.
posted by willnot at 12:03 PM on April 1, 2010 [1 favorite]

« Older There...Are...THREE...Lights! (hopefully)   |   Help Me Source Scandinavian Design Magazines. Newer »
This thread is closed to new comments.