Junk Mail 101: My Solution for Personal Data Loss

CitiFinancial, division of Citigroup, Inc., lost 3.9 million private account records this week. They are quick to say that no reports of unauthorized activity have been received. Heartwarming, but if you are a CitiFinancial customer, your personal data is out there somewhere for the hijacking. Read the story at MSNBC.com.

There are also a couple of other blogs on this subject I just discovered. They are BloggerRadio.com, and NETALOID. My kind of mavericks and they're worth your time.

The question is, just how much personal data loss is it going to take before the people in charge come up with an answer? This isn’t something we can keep putting off while the federal government figures out what’s going on. I know what’s wrong and how to fix it.

Pass federal legislation to give each junk mail shopper 100% control over the use of their name and private information. Create a system of checks and balances where you make the decisions while also shouldering the burden of responsibility. Although simplified here, the mechanics would go something like this:

Junk mail customers would register once and be assigned a unique ID similar to a Social Security number in its originality. You would use this ID in every junk mail transaction. Financial institutions would be required to reference the ID with all activity involving credit. Particularly, unsolicited credit card offers.

Each time your name is used, a flag would activate the ID (let’s give it a name right now) “NPD-ID,” short for name and personal data, which would place in motion a series of events…

First, you would be notified by e-mail or telephone that your name and personal data had been utilized.

Second, if it is a legitimate transaction, you need do nothing.

Third, if not, or if it is an unsolicited credit card offer, any reply to that transaction raises flags, and you would be notified again by e-mail or telephone.

If there is a problem, there would be an emergency, toll-free telephone number or e-mail address to contact.

Sure, there are kinks to work out and business will tell us that the process is impossible to implement without costing a fortune, which would, of course, be passed along to the customer. Not so!

If the junk mailers can develop a process that reads fifty million names in a matter of hours, purging the duplicates, selecting only those that purchased $100+ in the last 30 days, extract your telephone number and/or e-mail address, confirm that you are a homeowner, and verify your age, income and education, they can implement my plan at minimum cost.

Now, that covers approximately 55% of the population. What about the rest who aren’t junk mail shoppers? They will also want to register for the NPD-ID. The reason? Any business dealing with the use of your name and private information will be required to access the NPD-ID file to assure compliance with its regulations of consumer notification. That would include unsolicited credit card solicitations to non-junk mail shoppers.

And here’s a huge plus. The almost complete elimination of identity theft. The credit card offers are duck-soup to stop. When the ID thief tries to open an account in your name, you get notified, respond, and they nail him. Or, if financial data is stolen, or is lost in mainstream business, you follow the same procedure as with the ID thief. The NPD-ID won’t stop ID thieves from trying, but it stops them in their tracks from completing the theft.

Simple, practical, and doable. You can pass all the laws you want to for mass-notification—like in the cases of CitiFinancial, ChoicePoint, LexisNexis, Bank of America, etc.—and there are obvious advantages. Awareness wakes up the population but we soon doze off again. The only guaranteed solution is to pass federal legislation to give the consumer 100% control over their name and personal data. And, I believe NPD-ID is a good start. What do you think?