Published August 2005
Theft
protection legislation
an important step
Protecting ourselves from identity theft is a hot topic
lately. We’ve all heard the dos and don’ts.
Do be sure to shred financial correspondence. Don’t carry
your Social Security card in your wallet. Do be sure to check your credit
report once a year. Don’t have your driver’s license number printed on
your checks.
So we follow the dos and don’ts religiously, signing up
for a secure post-office box and making confetti of our bank statements.
We go over our monthly credit card bills with a fine-tooth comb and have
our checks printed to carry just our names
— first initial, last name only
— business phone number and P.O. box.
Then we read in the newspaper that hundreds of thousands
of people across the country could fall victim to identity theft because
organizations such as ChoicePoint, Bank of America, Ameritrade — and most
recently CardSystems Solutions — have put customers at risk due to possible
data losses or security breaches.
Now, people who may be doing everything “right” in the
war against identity theft are learning a hard truth: They are not the
only ones who have control of — or access to — their personal information.
In an age when information can be digitally stored and
sent — including such sensitive data as Social Security, credit card and
bank account numbers that seem to better identify us in the eyes of society
than even our own faces — the odds are high that people other than ourselves
have access to our seemingly confidential information.
And when that information does fall into the wrong hands,
it ends up costing everyone big, with consumers facing an estimated $5
billion and businesses facing an estimated $48 billion in out-of-pocket
losses annually due to identity theft, according to the Federal Trade
Commission.
But maybe even more costly is the loss of confidence consumers
have in the companies with whom they do business. Who wants to risk the
threat of information being stolen, lost or sold to a third party just
to sign up for cell-phone service, procure an auto loan or perform any
number of transactions that we now do as a matter of course?
With nearly 10 million people victimized by identity theft
each year, it is well past time for a set of national standards to be
adopted for the corporate handling of consumer information, and Congress
is working to do just that.
The Comprehensive Identity Theft Prevention Act, which
originated in the Senate last April and has been undergoing hearings,
would create an Office of Identity Theft within the FTC to set information
standards and serve as a clearinghouse of identity theft information for
consumers. The bill also would give consumers the right to one free report
from data brokerages and would detail the proper handling of Social Security
numbers.
Indeed, the bill is a step forward and should ignite much
needed discussion on information security. Hopefully, that discussion
will include the efforts being put forth by other countries that have
had success in fighting identity theft.
According to a recent article by Associated Press reporters
Brian Bergstein and Matt Moore, European Union countries require companies,
in most instances, to inform customers about transfers of their personal
information to third parties and give those customers a chance to fix
incorrect data.
And many of the countries in Europe and Latin America
do not allow a consumer’s personal data, which was obtained for one purpose,
to be sold or shared for some other purpose without that person’s consent.
Rules such as these would put a modicum of control back
into the hands of the people who keep American businesses in business
— the consumers. They deserve to have a say in who can and cannot look
at their personal information and they deserve to know how that information
is being handled.
— Kimberly Hilden, SCBJ Assistant
Editor
Back
to the top/August 2005 Main Menu