WASHINGTON -- Betty (but call her BJ) Ostergren, a feisty 56-year-old from just north of Richmond, is driven to make important people angry. She puts their Social Security numbers on her Web site, or links to where they can be found.

It's not that she wants CIA Director Porter Goss, former secretary of state Colin Powell, or Florida Gov. Jeb Bush to be victims of identity theft, as were millions of Americans in the past year. Ostergren is on a crusade to scare and shame public officials into doing something about how easy it is to get sensitive personal data.

Data brokers such as ChoicePoint Inc. and LexisNexis Group have been attractive targets for identity thieves because they are giant buyers and sellers of personal data on millions of people.

But as federal and state lawmakers scramble to try to keep sensitive information from falling into criminal hands, they face a difficult dilemma: The information typically originates from records gathered and stored by public agencies, available for anyone to see in courthouses and government buildings around the country.

What's more, local governments have in recent years rushed to put these records online.

A wealth of documents -- including marriage and divorce records, property deeds, and military discharge papers -- containing Social Security numbers, dates of birth and other sensitive information is accessible from any computer anywhere. Many of the online records are images of original documents, which also display people's signatures.

Ostergren began organizing citizens and harassing officials on the issue in 2002, when a title examiner called to warn her that her county was about to put a slew of documents online, including pages with her signature.

A longtime activist in local politics, Ostergren swung into action, bringing enough pressure on Hanover County officials that they halted their plans. Then she broadened her attack, targeting other counties in Virginia and elsewhere.

Today, she is eager to guide reporters to her favorite example: the Social Security number of House Majority Leader Tom DeLay, R-Texas, which is viewable via the Internet on a tax lien filed against him in 1980.

"Don't you think if I can get Tom DeLay's Social Security number ... that some guy in an Internet cafe in Pakistan can, too?" she asks, her voice rising with indignation. "It's just ridiculous what we're doing in this country."

Even without people like Ostergren hounding them, the drumbeat of identity-theft revelations is the stuff of nightmares for cash-strapped county recorders, court clerks and other custodians of public records. They could start masking out sensitive data tomorrow for new documents they receive, but billions of records already are online.

"It's a national issue and it's hitting everybody," said Kathi Guay, the register of deeds in Merrimack County, N.H., who participates on a joint task force of public agencies and companies addressing the issue.

In addition to providing citizens with information on how their government operates, many public records are essential for commerce.

Knowing who has legal title to property, for example, is necessary for real-estate transactions. The presence of a tax lien can also affect a person's ability to buy or sell property or other goods. In some circumstances, Social Security numbers can help distinguish between people with common names.

But for decades, Social Security numbers, mothers' maiden names and other crucial forms of personal identity were routinely included in dozens of documents, regardless of whether they were essential and with little thought to the consequences.

That, in turn, enabled companies such as ChoicePoint to send workers to courthouses across the country to scoop up the data for their massive databanks. The information is collated, or analyzed, and re-sold to other companies and back to government agencies.

Many counties, in fact, package their data to make it easier for database companies to collect it.

"Public records laws were designed to shed the light on government activities, not our personal information," said Kerry Smith, an attorney with Public Interest Research Groups, a coalition of state consumer advocacy organizations. States are "clearly not striking the right balance when they release our Social Security numbers -- the key to our financial identity -- to commercial data brokers and anyone with access to the Internet."

Some states have passed or are considering laws restricting the release of certain kinds of data. Florida, for instance, gives consumers the right to have Social Security numbers and other data blacked out from view online.

But few local governments have the resources to go into all existing online records to remove sensitive data.

"Usually when you are talking about these issues, no one is talking about it retroactively," said Chris Jay Hoofnagle, West Coast director of the Electronic Information Privacy Center, an advocacy group. "They are talking as if it can't be addressed. Which is too bad."