Land Registry ID theft threat is 'nonsense'

Credit companies and other organisations are using the public’s fear of identity theft and making up “nonsense” to generate publicity and money, a computer security researcher has claimed.

The statement from Richard Clayton, a security researcher at Cambridge University, follows press claims from credit company Experian which said the Government's Land Registry website contained enough “very very sensitive” public information about a person to “provide the building blocks to steal identity.”

Anti-ID cards pressure group, NO2ID also raised similar concerns in a national paper.

The Land Registry, which has been open to the public since 1990, has been available online since 2005. Under the 2002 Land Registration Act people can pay £3 and download information about the house they plan to buy by entering the property's postcode. This includes copies of mortgage deeds and leases, which contain the signatures and names of homeowners.

However, according to Clayton, the details found on this site are “nothing new” and not enough to lead to identity fraud.

He said: “It’s not a new thing to have so much information kept about oneself on a database. Where someone lives is not a secret and neither is their signature. Companies that say that these can lead to identity theft are causing unnecessary panic.”

Clayton said that a signature, for example, would not lead to identity fraud because it is often checked and verified by experts who will look at things such as the pressure on the paper.

Andrew Flint, head of residential property and partner at law firm Colman Coyle LLP, agreed. He said the information on the site had always been available to the public as it was an essential piece of information in identifying if the “apparent seller of a property was the true owner.”

“What the actual register for an individual reveals is the full names of the registered proprietors (the owners) and their address 'for service' of any documents or notices. It does not include the amount of any loan,” he said.

However, he pointed out that the register would contain the name of the mortgage company for each registered loan or charge, something Mr Clayton admitted could be used to commit phishing scams, which would be done by sending out emails with the building society or bank logo.

“What people should remember, in this case, is that banks and building societies will never contact or ask for any information over email or send links to their websites.”

A representative for the Land Registry said: “We have no evidence of any fraud being done from information from the Land Registry in this way. If we did we would investigate the matter thoroughly.”