Washington State

Office of the Attorney General

Attorney General

Bob Ferguson


Olympia - Governor Chris Gregoire and Attorney General Rob McKenna have sent letters to state agency directors urging them to take steps now to protect personal information from landing in the hands of identity thieves.

Governor Gregoire and Attorney General McKenna said Washington employees have been leaders in the fight against identity theft for many years and must continue to do their part to protect information.

“State agencies collect, use and store citizens’ personal information in order to perform many important government functions,” said Governor Gregoire and Attorney General McKenna in the letter. “It is critical that every agency protect this information from identity thieves.”

Washington state laws require state and local government agencies and businesses to destroy certain personal information prior to disposal and to notify affected consumers when a data breach occurs.

“Prevention is the key to reducing identity theft before it occurs,” said Governor Gregoire. “Attorney General McKenna and I believe it is critical that every agency protect citizens’ personal information.”

The letter asks management teams to review policies and procedures concerning how agencies collect, store and dispose of private information and, if necessary, to update those policies. Agency leaders must be sure managers and staff review and recommit to the principles of Executive Order EO-00-03, Public Records Privacy Protections (http://www.governor.wa.gov/execorders/eoarchive/eo_00-03.htm).

Governor Gregoire and Attorney General McKenna said state agencies should limit the collection of private personal information to what is necessary to perform agency functions and, whenever possible, eliminate the use of Social Security numbers. They cited the Employment Security Department as an example of an agency that recently removed Social Security information from documents relating to liens. The department now uses bar coding for internal purposes.

Agencies should limit access to personal information to staff who need the information to conduct agency functions. They also should consider issues regarding the disclosure of private personal information when entering into contracts or data-sharing agreements. Employees who share information with private contractors or other public agencies should confirm that the recipient has the necessary procedures and safeguards to protect the information.

“Safeguarding information is a joint responsibility of citizens, businesses, and the public sector,” said Attorney General McKenna. “We’ve repeatedly urged consumers to shred sensitive documents, secure their mailboxes and install anti-spyware software and firewalls on their computers. To win the battle against identity theft, government agencies and businesses must also take an active role in protecting their customers and themselves.”

Washington’s Law Enforcement Group against Identity Theft (LEGIT) recently sent letters to 800 city and county executives across the state that urged local government leaders to review how their organizations store and manage sensitive information and tightening procedures. McKenna, Department of Licensing Director Elizabeth Luce, King County Prosecutor Norm Maleng and LEGIT members signed the letters.

LEGIT is a multi-agency group created by Attorney General McKenna following last year’s statewide Identity Theft Summit. This group is working on a number of initiatives to reduce identity theft in Washington.

Washington now ranks seventh in the nation for per capita reports of identity theft, up from eighth last year, according to statistics tracked by the Federal Trade Commission. The report showed that over 5,800 Washington residents reported they were victims of identity theft in 2005.

– 30 –

Media Contacts:

Kristin Alexander, Attorney General's Office Public Information Officer, (206) 464-6432
Governor's Communications Office, (360) 902-4136