Search This Blog

Wednesday, July 26, 2006

Congress Keeps Getting It Wrong...and So Do You

You are probably unaware of, and maybe even unconcerned with the fact that the House of Representatives is about to vote on a piece of identity theft legislation that is an insult to the citizens of this country. But why should you care? You’ve let it get this far without protest, so, like the saying goes, you reap what you sow.

HR 3997, The Financial Data Protection Act of 2005, will take away most of the rights you currently have, placing absolute control over your name and personal data in the hands of the same culprits who keep losing it. Like the 540,000 New Yorkers’ names, addresses, and Social Security numbers contained on a piece of computer hardware—didn’t say if it was a laptop—that is now missing since Monday of this week. Story on

But why should you care. It hasn’t affected you. Yet. The House leadership will most likely pass a bill that allows companies like ChoicePoint, Bank of America, Sharper Image, or just any junk mail or non-junk mail facility that holds your private information, to notify you only if they decide you are at risk. In other words, after the fact. If you are willing to take that, then, maybe the means justify the end.

Washington state Attorney General, Rob McKenna, said it best, when commenting in the article, “’Protection’ Act Would Strip Consumers of Credit Safeguards.” He said: It’s like telling someone you can’t put a deadbolt on your front door until after you’ve been burglarized . The same article documents how the finance and credit industries have donated over $12 million to political campaigns, and spent nearly $30 million on lobbying.

Susanna Montezemolo, Policy Analyst with Consumers Union, and Ed Mierzwinski, Consumer Program Director for the U.S. Public Interest Research Group, both oppose the legislation. Montezemolo says, “Congress should be helping consumers prevent identity theft, not making things worse.” Paraphrased, Mierzwinski adds that what the states have given—like the California law that caught ChoicePoint—Congress wants to take away, “…with this industry-approved bill that won’t prevent data breaches…”

Montezemolo also makes a point I have been blogging about for over a year now. She states: “Consumers are the greatest protectors of their own personal information.” Therefore, why not pass federal legislation giving them control over their names and personal data, and, while we’re at it, pay them when it is sold? Read more of their article at:

What everyone should know is that HR 3997 will amend the Fair Credit Reporting Act. The Act’s coverage, of course, does not fully protect consumers, but it is all we have from lawmakers who are either afraid, or too inept to serve notice on government agencies and the business community that the public, also, has rights.

And this will never happen unless consumers stand up for these rights, and demand that Congress do the right thing when it comes to the identity crisis. Tell them you want control over your name and private information. Encourage friends and family to do the same.

Write, E-mail or telephone your Congressional representatives and tell them what you think of this concept of controlling your name and personal data, and, being paid when it is sold. Contacting the House of Representatives. Contacting the Senate.

Wednesday, July 19, 2006

Junk Mail Industry Continues to Rob Customers

Perhaps this headline is somewhat severe when you consider the connotation, but certainly well within reasonable boundaries, when you look at the damage. The junk mail list industry reaps around $4 billion each year from the sale of your name and personal data. You are lured into the conspiracy by supposed convenience and the sale of products you desire, with a feeble warning that your name “might” be “occasionally” shared with other junk mailers.

You receive your merchandise, but not one penny from the repeated sale—25 to 50 times annually—of your name and private information that follows each purchase. The irony of this is that 98 of each 100 mailings go in the trash. And they wonder why it is called junk mail.

This all comes from my experience selling mailing lists for 35 years. As a privacy activist now, my goal is to pass federal legislation that will give consumers control over their names and personal data. At the same time, you should share in at least half of that $4 billion windfall each year. The proceeds could be taken either in cash, or put away in an interest-bearing account for retirement.

On July 4, I posted the article, “Independence Is Control Over Your Name and Personal Data,” which lays out my plan, and shows how similar law in the United Kingdom has worked in favor of the consumer without halting related business interests. Just this week I received data from the Brits’ Information Commissioner’s Office that shows just how effective their Data Protection Act has been. A complete article on this later.

Identity theft is rampant. Gasoline prices could reach $3 dollars per gallon any day. What better reasons for this control and compensation?

On the other hand, we’re dealing with a current administration and an incompetent Congress in so many areas that ID theft, and Americans’ privacy in general, is slowly evaporating. Along with this, data brokers and junk mailers, as well as non-junk mail companies that gather and sell our private information, go on their merry way harvesting obscene profits.

Yet, the very culprits responsible for the conspiracy are whining over how to get even more results from your names and private information. In a recent article, “Marketers Feel Data-Challenged,” from Direct, a junk mail industry publication, a survey reveals a general unhappiness by companies of not realizing the highest return from your personal data. They want more and more of it, but don’t know how to use it. Pathetic.

In keeping with the inaccuracy of ChoicePoint and Acxiom data from another survey ( 73% and 67%, respectively), junk mail marketers seem to fare no better, with only 30% reporting their data as reliable. Have you ever known of an industry selling its product—mailing lists—for $4 billion a year with an average error rate of 70%? I think not.

I did a couple of posts earlier in this blog that explore how junk mailers feel about being the proprietor of your names and private information: “Junk Mail 101: Junk Mailers Believe They Own Your Name,” and “Junk Mail 101: Junk Mailers Believe They Own Your Name II.” Each has its points about a business greedy to take advantage of this by-product of your junk mail shopping, and II even quotes some prices of industry mailing lists.

It’s almost a “squatter’s rights” mentality used for real property, but legally that won’t even work. This approach requires “exclusive use,” and your name and personal data is in the hands of several hundred junk mailers and data brokers…simultaneously. And, I have yet to see a valid argument from anyone in the business that it is legal to take control of something as private as this data by any party other than the name-holder.

So, it’s time to take back what is rightfully yours. Write, E-mail or telephone your Congressional representatives and tell them what you think of this concept of controlling your name and personal data, and, being paid when it is sold. Contacting the House of Representatives. Contacting the Senate.

Wednesday, July 12, 2006

Winner of the Big Brother Awards

George Orwell could not have envisioned that his imaginary 1984 character, Big Brother, would manifest itself into the symbol of the loss of privacy for generations to come. Although it is speculated by some that he really meant that 1984 would occur sometime after 2000—1984 could have been the year he completed the novel, 1948, with the last two numbers reversed—once again, could he have visualized a George W. Bush, with his rag-tag bunch of incompetent flunkies attempting to create an imperial presidency?

Probably not, but 1984’s major legacy is a tyrant called Big Brother, and we attach it to anything that reminds us of being under surveillance by government or business. And that is exactly where we are, characterized by the feds’ unrelenting spying techniques on innocent Americans, and junk mail and non-junk mail companies’ obsessive accumulations of our names and personal data.

Privacy International, a non-profit based in London, with its affiliates, presents the “Big Brother Awards” each year to government and private sector organizations that have done the most to threaten personal privacy. The ceremony has been held in sixteen countries since 1998, but we will concern ourselves with just the U.S.

The first of any significance was in 2000, where DoubleClick, then engaged in online media, received the “Greatest Corporate Invader” award for monitoring the surfing of 50 million net users. In the prior year, DoubleClick had acquired Abacus, a company performing analytical services for junk mailers by using sensitive customer data from catalog purchases covering almost half the U.S. households.

DoubleClick wanted to marry this private information with the net surfing habits of its 5 billion record database. This strategy was quickly rethought when privacy advocates, even junk mail industry leaders, reacted with shock.

Also in 2000, the “Lifetime Menace” award was bestowed on TransUnion, one of the big-three credit reporting companies, for selling credit reports to marketers and keeping inaccurate reports for years. TransUnion was also a persistent litigator to sell personal data their way. They went through a ten-year court battle with the Federal Trade Commission over the selling of sensitive credit information. They lost. In the end, the Supreme Court refused the case.

It should come with no surprise that ChoicePoint won as the “Greatest Corporate Invader” in 2001, for massive selling of records, accurate and inaccurate, to cops, direct marketers, and election officials. Then, of course, the bomb dropped in February of 2005, starting a string of data breaches that it seems will never end.

In connection with the “inaccurate” records, Privacy Activism, another non-profit, did a study on errors found in ChoicePoint’s data, which included name, Social Security number, address, and phone number. The mistake rate was 73 percent. Still not surprised.

And the one to watch that could bring Big Brother to all our doorsteps is Acxiom, winner of the “Worst Corporate Invader” in 2005, for a tradition of data brokering. Has to have something to do with that Privacy Activism study, where Acxiom’s sensitive records had an error rate of 67 percent. The reason to keep an eye on them is partly due to the company’s aggressiveness in pursuing government contracts for clandestine programs like CAPPS II, where the feds could secretly share with them everything they know about you.

Oh, by the way, a mailing list company by the name of Response Unlimited shared the Acxiom award, because they tried to sell the list of donors to the Terri Schiavo cause…while she was still alive. I can hardly wait for the 2006 Big Brother Awards.

Tuesday, July 04, 2006

Independence Is Control Over Your Name and Personal Data

What better way to celebrate July 4th than having the right to control your name and personal data, and be paid each time it is used. It won’t happen this year, but it could by 2007. It all depends on your reaction to this concept, and being able to get a grass-roots movement going that would force Congress to pass federal legislation to give consumers this right.

It is not only a right, it is a necessity, if we are to curb the onslaught of the current identity crisis. And if you have read any of the carefully planted articles that claim the crisis is overblown, be aware of the statistics from Javelin Research, provided on the Privacy Rights Clearing House site, “How Many Identity Theft Victims Are There? What Is The Impact On Victims?” PRC is one of the largest and most respected privacy advocates in the U.S.

Javelin says that even with a decrease, the number of identity fraud victims was 9.3 million in 2005. Total fraud was $54.4 billion that same year. At the hands of ID thieves in 2005, each victim suffered $5,885 in financial loss, and it took them 28 hours to correct the problem. But it’s a problem you probably won’t worry about until it happens to you and…then it’s too late.

Freezing your credit will help, but unless you are notified at once and you react immediately, there is still the chance the crooks can hijack your private information. And, there is the hassle involved for you to unfreeze your account for legitimate reasons. Paul Wenske did a good article on this subject in the Kansas City Star, “’Freeze’ on credit meets a lukewarm reception.”

There is only one answer to protecting our names and personal data, and holding Big Brother at bay when it comes to business and government usurping individual privacy. Orwell’s 1984 predicted it, and we are very close to fulfilling his prophesy, but Americans are beginning to see the light and the need to protect their inner sanctum.

This can be accomplished by passing federal legislation that gives consumers (1 CONTROL over their names and private information, and while we’re at it, give them the (2 RIGHT TO BE PAID each time it is sold. Government and business reaction is that this would halt commerce in its tracks, but this hasn’t happened under the United Kingdom’s Data Protection Act of 1998. The Act requires the U.K.’s Information Commissioner’s Office to approve any use of personal data.

1) Taking the U.K.’s Act one step further in giving the individual approval, U.S. law would set up a system where consumers, business and federal agencies are assembled in a database that assigns each a unique ID, which would replace the Social Security number for identification. This ID, along with a Pin number chosen by each person, firm or agency involved, would be the key to using the system. Any business or government entity wishing to access consumer names and private information would sign in with their ID and Pin.

But first, the individual would opt-in, or opt-out of all junk mail use of their name. Opting-out would deny any commercial or government use of data, except for emergencies.

Whether one or a million records are required, an automatic signal would be sent to each name-holder by urgent e-mail or telephone message, repeated regularly until the recipient responds. The notification would alert the consumer as to what the nature of the data request is, and, if legitimate, could be authorized immediately. If not valid, the individual so indicates, and the transaction is stopped at that point, causing no harm, and with minimum effort by all concerned.

Arrangement would be made for medical or financial emergencies, as well as the needs of national security. All activity would be subject to oversight by a committee including private citizens, along with federal and industry representation.

(2 In the case of compensation in the sale of consumer names and personal data, this same system would calculate revenue by individual, and maintain an accounting of what is due. Based on the junk mail industry’s annual take of $4 billion for the selling of names and private information, I feel the name-holder should receive one-half. Ideally, it could be placed in an account bearing simple interest of 3 percent, and the person could eventually draw around $607 a month to supplement their retirement, or take the proceeds in cash.

Write, E-mail or telephone your Congressional representatives and tell them what you think of this concept. Contacting the House of Representatives. Contacting the Senate.