Search This Blog

Wednesday, March 28, 2007


ONE MORE WAY TO SAFEGUARD YOUR PERSONAL DATA


Maybe you have already figured this out, but I just discovered another crack in the dam for potential ID theft. When ordering pizza from a new source last week, the guy didn’t accept checks, but would accept a credit card. He took the CC number down, and promptly added that he would tear up this slip of paper and throw it away immediately. As if he was conscious of the possibility of my private information getting in the wrong hands. It occurred to me after finishing some great pizza, even tearing it up and throwing it away was not enough. Although his employees are probably honest, there are hundreds of inside jobs over the last two years since the ChoicePoint incident, where insiders have meticulously scavenged company trash for this sensitive consumer data. Remember years ago when credit card charge slips had carbon paper? For that reason, we normally pay by check in this kind of situation. There is a solution: request that the business save the paper your CC number is written on, and give it to you; in this case when the pizza is delivered. You’re probably thinking overkill, right? I’m thinking I just might have saved myself years of trying to repair my credit.

SHOCKED OVER THE HANDLING OF YOUR PRIVATE INFORMATION? APPARENTLY NOT ENOUGH.


Greg Palast, an irreverent journalist, did an article, “The Spies Who Shag Us,” back in 2006 that starts by taking the position that all citizens must be “shocked” over the fact that George W. Bush is spying on all of us. His ax to grind is the “link-up” between the government and private business like ChoicePoint that circumvent the 1974 Privacy Act, and collect every morsel of information available on each U.S. citizen. And by the way, I am not even sure the American public is that shocked. Maybe a few of us, but not sufficient to force business and government to quit manipulating our sensitive data in precarious, even dangerous ways. Palast makes a stronger point in his concern over the linking of one type of personal data to another; like medical records to credit card purchases or lifestyle activity. He compares Homeland Security to Austin Powers, and resurrects the ChoicePoint error rate of 97% in finding Florida felons in the 2000 election. The Federal Trade Commission gets from 15,000 to 20,000 contacts weekly from consumers on how to recover from ID theft or keep from becoming a victim. They put out millions of publications on the subject each year, but most of us still don’t get it. To curb the identity crisis, we must be given control over our names and private information, and we should be compensated when it is sold. The shock is that the American consumer hasn’t realized this and demanded his or her rights.

PLEASE READ AND SIGN OUR NEW PRIVACY NOTICE BEFORE WE CAN TREAT YOU FOR YOUR HEART ATTACK.


Until recently, the first thing a doctor’s office asked you for—before any treatment, of course—was your medical insurance. Now, required by the Health Insurance Portability and Accountability Act (HIPAA) of 1996, updated in February, 2006, the first thing you are confronted with is the privacy thing; like every visit you make, even if the last one was yesterday. Mondaq.com has a good article on this by the law firm of Thelen Reid Brown Raysman & Steiner. In the past I have posted on the subject of doctor’s offices as one of the largest depositories of sensitive data in the country. Another is mortgage companies. And folks, they use that ancient method of storage called file cabinets. Everything you reveal to your doctor, including your Social Security number, date of birth, your alcohol consumption, etc., is in the file. Plus, of course, all your ailments and the medications you take. The doctor today promises to keep all this private within the parameters of required sharing such as insurance companies, hospitals, other physicians. Of course we hope that’s what they’ve been doing all along. My concern is the less than maximum security, but at least they can’t take a file cabinet out of the office to do work at home. They can’t, can they?

TIDE NO LONGER JUST FOR WASHING CLOTHES


Another list…just another day in Washington. This one is called Terrorist Identities Datamart Environment or TIDE, and it is a database of individuals the intelligence community thinks could do harm to the United States. It seems that for the first time they’ve lumped foreigners and American citizens in the same pot, and some are beginning to boil over the privacy implications. You can get on the list relatively easy, but apparently it is near impossible to get off. There is, of course, an error rate caused by bureaucratic incompetence, spawning horror stories when there is a mix-up of names. In a Washington Post article by Karen DeYoung, she calls TIDE “…a vacuum cleaner for both proven and unproven information, and its managers disclaim responsibility for how other agencies use the data.” Is this just another example of a system out of control and over compensating to find terrorists, or is it yet one more step in the direction of creating a Big Brother environment? One of Orwell’s slogans in 1984 was: Ignorance is Strength. Unfortunately, today’s consumer ends up on the downside of this saying, as business and government establish their power in one personal database after another.

SAVING THE “APATHETICS” OF PRIVACY: PART III


In Matt Helton’s second paper on public apathy over privacy, he concludes that privacy advocates and academics are losing the war. Rather blunt, but he counters by releasing both for being at fault. It is “…due to an apathetic general populous.” he says. “Apathetics” like you or me, or the next door neighbor, who stand idle when our rights are challenged. Matt Helton realizes that the main players here are business and government in the collecting of your personal data; the former to manipulate consumers, and the latter to control American citizens. Business is in a conspiracy to cover up the identity crisis, and Helton explains it in two steps. First, loyalty programs; something free in return for your private information. Second, there is a cover up throughout the corporate world reflected in its promised, but never delivered security of your sensitive data. Supermarkets are prime examples of the frequent buyer approach in offering discounts for you to carry their store card, which records every item you purchase and maintains the information for years. On the other hand any company who accumulates your personal data will scream to the heavens that it is 100% secure, giving you a false sense of security as we know from the last two years. Next time, the government side.

Wednesday, March 21, 2007







COPY MACHINES ALSO DUPLICATE YOUR SENSITIVE DATA FOR THE TAKING


In this case, technology is moving too fast, and something must be done immediately to protect consumers’ private information. I am talking about the recent uproar over the fact that copy machines retain the data being scanned, placing it at risk for ID thieves. Read more. Just in time for tax season where everything the crooks need to know is being copied by thousands of tax preparers in preparation for sending it to the IRS. And I’m not sure there’s anything you can do about it, at least in the immediate future. It would appear, however, that electronic filers are safe. What we need here is an investigation into why there is a disc to retain data to begin with. I don’t care if it is a part of the processing procedure; use it and lose it. Some machines are protected by encryption or an overwrite mechanism, but either remains vulnerable just like in the real world of computers. Sharp seems to be the leader in security measures offering a kit a few years ago to encrypt and overwrite what was being scanned. This is one of those sneaky “back door” kinds of breach potential, and needs to be closed now.

BILL GATES CHECKS IN ON DATA PRIVACY


The Microsoft founder thinks there is “…a critical need for federal privacy rules that require transparency about data collection practices, grant users access to their own data and dictate what companies must do if a breach occurs,” according to an article on ZD Net News. Apparently he is joined by other companies like eBay, Hewlett-Packard, Google, Intel and Oracle. But don’t think the effort is all in behalf of the lowly consumer. What these industry giants are really looking for is one federal bill to replace all the state laws that are virtually impossible, both procedurally and economically, for business. However, Senator Patrick Leahy’s “Personal Data Privacy Act” is not the answer. There are too many loopholes for business to justify not reporting a breach, and the bill does not address the main issue: Control. Any serious federal legislation must give individuals the right to control their name and personal data, and provide them compensation when it is sold. Before Leahy gets started on this counterproductive legislation, contact your representatives: Senate; House of Representatives.

CONGRESS SLAPS FBI’S DATA-COLLECTING HANDS


Both sides of the aisle came down on the FBI again for misuse of its authority in the “so-called” security letters sent out to tap the personal data of innocent Americans. Get this: Congress warned the FBI that it could “lose its broad power to collect telephone, e-mail and financial records” in the hunt for terrorists. See MSNBC article. It’s like; Johnny was bad so go stand in the corner. The Democrats commented on how this is yet another example of “trampling” on the privacy rights of consumers. More Gonzales incompetence; and just another example of how the Bush administration is still bent on spying on every U.S. household in their march toward an imperial presidency. Hoover may have been a looney, but in those days the FBI was looked up to as the protector of the citizens of this country. Now it’s more like we have to worry about an American version of the KGB.

PASSING ALONG SOME GOOD ADVICE FOR ID PROTECTION


A corporate attorney passed these remarks along to the employees in his company, and many are worth mentioning here. His advice comes first hand, unfortunately, because his wallet was stolen. First, he says don’t sign your credit cards; instead put “Photo ID Required.” That means if the card is stolen, the thief can’t use it without also having your picture ID. Second, only use the last four numbers of your account number in the “memo” line, when paying by check. Personally, I’ve stopped using anything, and insure there is always a payment coupon enclosed with my check. Third, use a work instead of home phone, if the clerk asks for it; never put the number on your checks. Also, use a PO Box on the checks instead of home, if you have a box. The fourth was to place all the contents of your wallet on a copy machine and copy for reference. However, I recommend holding up on that until we’ve received some feedback on my earlier post about photocopiers retaining your scanned personal data. Fifth, file a police report in the jurisdiction where the credit cards were stolen, and call the three major credit reporting agencies: Equifax (1-800-525-6285); Experian (1-888-397-3742); TransUnion (1-800-680-7289). The ID theft issue is real and you’d better put the security of your sensitive data on the front burner before it’s too late.

SAVING THE “APATHETICS” OF PRIVACY: PART II


If you are an “apathetic” by my terminology, you think identity theft couldn’t possibly happen to you; only someone else has that kind of luck. Matt Helton, in his excellent paper on public apathy, says two principle reasons account for why you are absent from this debate: 1) You don’t know enough about the issue to be concerned. 2) You are not worried because you have been confused about the issue by business and government telling you there is nothing to worry about. Helton makes his point by pointing out the “political and economic arsenals” available that have the resources to create and maintain your confusion. After the last two years, most of us are sufficiently tuned in that we understand we were spied on by the National Security Agency, and companies like ChoicePoint are more concerned with greed than the security of our sensitive data. Helton quotes a phrase, incorrectly attributed to Ben Franklin: “Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.” According to Michael Gaynor in an article on the Renew America site, the phrase was first used in a letter from the Pennsylvania Assembly in November of 1755 to the Governor of Pennsylvania.

Tuesday, March 13, 2007


LEADING PRIVACY ADVOCATE ALERT ON REAL ID


Privacy Rights Clearinghouse (PRC), one of the leading privacy advocates in the country has come out firmly against the Real ID Act. Although the deadline for state implementation has been pushed back to December 2009, PRC is trying to make it clear to the public that this law “…will increase exposure to ID theft.” In case you aren’t up to speed, the Act requires the standardization of state driver’s licenses, requiring your personal data (Social Security #, date of birth, etc.) to be captured in a huge database that can be accessed by a number of government agencies. Big Brother arrives in 2009 instead of 1984. If the Feds’ track record after Real ID is anything like it has been so far, we can expect an increase in identity theft, according to PRC. Counterfeited within hours of release, and because of the perceived reliability by crooks, the ID is gold in the hands of thieves. The cards will have a “machine readable zone” containing your personal data that could be scanned off the card by bars, merchants, even private parties. Our only hope is a new administration in the White House that realizes the sanctity of an individual’s privacy. It’s time to give consumers control over their names and personal data, and compensate them when it is sold.

THE ARROGANCE OF GATHERING CONSUMER PERSONAL DATA


MultichannelMerchant.com, which is part of Penton Publications, has said, in effect, that if the consumer won’t give up their private information, the junk mailer should go out and get it anywhere they can. Penton also owns Direct, a junk mail industry trade publications, with which I have disagreed on several occasions in the past. The procedure is called “enhancement,” a term that means the junk mailer has your name, address, telephone number, and credit card number, but wants to add to this your income, occupation, children in the household, what you owe on your home, whether you drink smoke or gamble, what you read, your ailments the medications you take, and the list can go on forever. Looking at Dictionary.com, “arrogance” is defined as an “offensive display of authority or self-importance; overbearing pride.” This is precisely the belief of junk mailers when it comes to their position on who owns your name and personal data. They do. You, the customer, have no right to argue with that, and the fact that the list industry grosses $4 billion each year from your name and private information. They’ve gotten away with it since the beginnings of junk mail, and will continue to do so if the American public does not stand up to this flagrant violation of your privacy and rights of compensation.

DIRTY DATA IS A CONSUMER PROBLEM


In a CRMToday article, the headline screams: “Dirty Data is a Business Problem, Not an IT Problem.” They’re wrong. Ultimately it is a consumer problem because of the grief poor data quality can cause the individual when accessed for legitimate means. Like the credit bureaus when you need a credit card, or apply for a home or auto loan. Like the data brokers who supply private information to your potential employer. You are personally in the hands of an array of companies, whose focus is on profits, not keeping the data clean. As an example, a study by the privacy organization, Public Interest Research Group (PIRG) found that 79% of 200 credit reports studied had errors. 54% had mistaken personal information, while 25% contained serious errors that could deny credit. The three major credit bureaus are TransUnion, Experian and Equifax. But the data brokers didn’t fare much better. A report by Privacy Activism found errors in 67% of Acxiom background checks, 73% for ChoicePoint. So what’s the problem? Money. Money better invested in acquiring more data, and enhancing it for a maximum return in the market of selling names and personal data. Better security doesn’t produce better profits, in the eyes of the list industry. It will either take federal legislation, or maybe even an act of God to get the leaders of this country to realize that the control over sensitive data must be given to the individual.

THE GUV-MENT DID IT AGAIN


As further substantiation for my post on the jeopardy of the Real ID Card, and data in the hands of government agencies, above, the Department of Homeland Security (DHS) appears to have already violated privacy laws in testing a new program they plan to use in spying on the American public. Similar to the Total Information Awareness (TIA) program killed in 2003 over concerns for civil liberties, this new echo of TIA called ADVISE for Analysis, Dissemination, Visualization, Insight and Semantic Enhancement, apparently made the mistake of using real data in the test rather than the fake data they were supposed to use. Read more. The real debate I have raised in several past posts is whether random data mining can be done without invading individual privacy? Based on my former experience conducting this kind of predictive modeling, there is no way to avoid exposing innocents Americans in the process. The reason is that it is mandatory to know the good guy in order to be able to identify the bad guy. It’s a common-sense thing that government agencies probably don’t understand, and wouldn’t want you to know if they did.

SAVING THE “APATHETICS” OF PRIVACY: PART I


If you haven’t already heard the term, my definition of the individual today who has no concern over the state of their privacy is an “apathetic.” One who goes merrily on their way thinking it could never happen to them, thus, giving away their personal data for anything from convenience to cheap product awards. Matt Helton submitted two papers to the Columbia Law School titled: “Public Apathy Losing the War for Privacy and a Free Internet Part I and II.” It is primarily directed to the Internet, but makes so many excellent points on privacy and the identity crisis that I felt like doing a series of posts that show the thinking of higher education on this issue. First, Helton finds the lack of success by academics, a few politicians, and privacy interest groups “staggering.” The reason is a culture that is paralyzed by private interests. He feels corporations acquire your sensitive data to manipulate consumers, and government uses it to control its citizens. And all this is possible because there is no outcry from the population; you apathetics have allowed it to happen. Just think about this basic premise related to the status of your privacy today for awhile. Helton’s reason for an absent public in Part 2.

Friday, March 09, 2007


WANNA BUY AN AK47 THROUGH JUNK MAIL? YOU CAN…THANKS TO THE GUN LOBBY


Jim Zumbo, a respected outdoorsman who spoke his mind, has been ostracized by the gun community for his comment, which was: “Excuse me, maybe I’m a traditionalist, but I see no place for these weapons among our hunting fraternity. As hunters, we don’t need to be lumped into the group of people who terrorize the world with them….I’ll go so far as to call them terrorist rifles.” He was talking, of course, about assault rifles. Apparently his career is over with the Outdoor Channel, Outdoor Life magazine, and Remington Arms Co. In King’s Outdoor World Blog, Zumbo says he was wrong to make this statement. I think the declaration was correct, and Jimbo should be ashamed for disclaiming what obviously came from the man’s sense of right and wrong. I personally don’t think anyone’s 2nd Amendment right should allow them to own an AK 47. Speaking of which, if you Google the subject, you can buy an AK-47 rifle from $500 to $600. They also sell UZIS, which would probably be perfect for dove hunting.

CONGRATULATIONS YOU’RE PRE-APPROVED…FOR DISASTER


If your household is like ours, you receive a number of credit card solicitation offers each month that headline the phrase: “Congratulations You’re Pre-Approved.” It’s an ID thief’s invitation to steal your identity, especially if you discard the mailing without shredding it. Even so, the number of hands this trumpeted announcement goes through can easily provide the avenue for theft. As a former member of the junk mail industry, I understand the importance of envelope “teaser” copy. That’s what it is; the company’s devious method to get you inside the mailing and sell you something. However, it is time for regulations on this methodology in keeping with the outburst of the identity crisis. As usual, the businesses won’t regulate themselves, so it is something that probably needs to be addressed by the Federal Trade Commission. Of course, that isn’t likely to happen either under this White House. In the meantime, the Fair Credit Reporting Act allows for you to opt-out of these mailings by calling (888) 567-8688 or go to OptOutPrescreen.com.

EXPERIAN PAYS HEAVILY FOR FAILURE TO DISCLOSE


Broken promises abound in the credit granting industry. One such situation finds Experian’s Consumerinfo.com recently paying $300,000 to settle with the Federal Trade Commission on charges that ads for its “free credit report” offer failed to tell folks they would automatically be enrolled in an ongoing monitoring program for $79.95 a year. The company had already paid a $950,000 fine in August of 2005 charging that it was deceptively marketing “free credit reports.” In the beginning, Consumerinfo.com told consumers they must provide a credit card which was “required only to establish your account.” They then automatically renewed some consumers by charging their credit cards without notice, according to the FTC. I subscribe to Experian’s Credit Manager in order to check my credit report for unauthorized use. A couple months ago Experian shut down my credit report, denying me access for a period of days. It was right after I did an unfavorable blog post on the company. After enlisting the help of a major privacy advocate, the report was up and available again. Experian had absolutely no answer for the problem. Go figure.

IF YOU PREFER PERSONALIZED JUNK MAIL, WHY NOT GET PAID FOR IT?


A recent study by InfoTrends market research firm found that junk mail shoppers prefer the paper approach over e-mail by three to one. And, you like your junk mail personalized, which means the mailer must know all about your private life. Things like your age, education, income, children, occupation, your daily habits and lifestyles, your ailments and what drugs you take. That’s only a speck of what they now know in order to personalize your junk mail. But if that’s the way you want it, that’s the way you’ll get it. Oh, I forgot to mention…all that personalization it takes to get you an offer for a digital camera is sold to other junk mailers for $4 billion annually. My point is, if you really crave this convenience, why not control the use of your personal data, and be compensated when it is sold? Seems fair to me, but most of the junk mail shopping public can’t get past the desire for the convenience. A dispassionate public for their individual privacy and the rights of control—“apathetics” I call them—still refuses to cash in on this gold mine. My Excel math tells me you could supplement your retirement for an average of $607 monthly at age 65. You could also go green by cutting down on mail you don’t want, although I can’t guarantee an Academy Award.

IF YOU FEEL LIKE GEORGE ORWELL IS LOOKING OVER YOUR SHOULDER, YOU’RE RIGHT


George Orwell in his novel, 1984, actually described the Internet. This comes from Jackie Jura’s site, Orwell Today. One of the characters says to Winston, the book’s protagonist, “Every day I talk over the telescreen with people in Melbourne and Durban and Washington. The whole thing is a miracle of co-ordination.” The telescreen, of course, was the way Big Brother monitored the citizens of the fictional city, Oceania. For some reason, Orwell eliminated this from his final draft when 1984 was published in 1948. The Bush administration, however, has seen fit to proceed with its plan for Internet surveillance, requiring Web sites to retain records of your surfing activity. See article. The intent is to investigate terrorism, child pornography, and other crimes. What’s left? Sounds like an open door to me for AG Gonzales to swoop in and spy on innocent Americans again. The Bush bunch has often used terrorism and child pornography to get what it wants, but now expands that to “other” crimes. That could include anything from murder to shoplifting. Orwell could never have known how foreseeable was his slogan: “Big Brother is Watching You.”

Tuesday, March 06, 2007


CONGRESS GETS “NICE” WITH OUR PERSONAL DATA LEGISLATION


Jon Swartz in a USA Today article says it’s “Round 2” in Congress’ drive to pass meaningful data breach legislation. His headline indicates a “less combative” group of lawmakers, which I interpret as…business has finally gotten their ear. To make my point, the strongest bill is the Leahy/Specter “Personal Data Privacy and Security Act of 2007,” Senate Bill 495, that allows the breacher to decide if there is “significant risk” of identity theft. It took California’s “Shine the Light” law, passed in January of 2005 to catch the first culprit, ChoicePoint, in February 2005, and start the data protection momentum going. SB 495 would pre-empt the California bill, which would put us right back at square one. A Roy Mark piece on InternetNews.com provides some good background on the Leahy/Specter legislation. It is obvious that even this new Democrat controlled Congress is not going to pass legislation that favors the consumer. There is too much greed for money and power, and that is exactly what business can supply.

SIX STATES TRY TO DUPLICATE CALIFORNIA’S DATA BREACH NOTIFICATION LAW


My state, Arizona, along with Hawaii, Maine, New Hampshire, Utah, and Vermont just passed data breach notification laws in an attempt to protect their citizens. They don’t. Most of the laws are pathetic, and two of them are laughable. All six states have the same provision as the Leahy/Specter bill allowing the business to determine if it is likely that harm will come to the victim. The two states with absurd stipulations are New Hampshire and Vermont. Keeping up with the feds in championing business over the consumer, these two New England darlings allow the business responsible for the breach to use publication through a statewide media outlet to notify individuals, if the direct approach costs more than $5,000. By the way, the average cost per victim experiencing identity theft is $5,720. Read more at Mondaq.com.

AFTER ALL THE FLAG WAVING, “REAL ID ACT” PUT OFF TO 2009


Talking about a state of chaos, that’s where this country would have been, had they implemented the much heralded “Real ID Act.” The deadline has now been pushed back to December of 2009, according to Gina M. Scott from Government Technology, as reported on the Website InformationLiberation.com. Senator Lamar Alexander of Tennessee commented it was a must vote since it was tied to legislation for Hurricane Katrina and the troops in Iraq. “But we had no chance to amend it—no debate, no hearing, and no consideration of other alternatives…an $11 billion unfunded mandate…” And here’s what must be included in this massive nationwide database: legal name; date of birth; sex; driver’s license or ID number; person’s photograph; residence address; person’s signature; person’s physical features; and anything else the Dept. of Homeland Security deems necessary at a later date. Considering the level of incompetence we have learned to expect from government agencies, the Real ID Act should be a cornucopia for ID thieves.

TWO DO-NOT-MAIL BILLS DIE AN EXPECTED DEATH


Industry publication, DM News, reports that the junk mail community is “keeping a close eye” on state legislation creating do-not-mail lists similar to the telemarketing do-not-call list. Two states, Colorado and Montana, just axed their bills; one with no explanation, the other, Colorado, is concerned over its effect on jobs. I am also concerned over the job market, but I am more distressed over the rampant loss of individual privacy, and the consumer’s inability to do anything about the abusive use of their names and personal data. Regardless, state laws are not the answer because that would require 50 sets of regulations for business to administer. Talking about raising the price of doing business, and they could say the government made them do it. NewDream.org, a non-profit concerned with what Americans want out of life, has a short piece on this, including the states with pending legislation, if you are interested. We can flounder all over the U.S. with attempts to solve this issue but there is only one real solution. Pass federal legislation that will give consumers control over their names and private information, and pay them when it is sold.

THE BRITS ARE STILL RUNNING FAR AHEAD IN PERSONAL DATA PROTECTION


I did two posts on this subject in the early stages of this blog, and praised the Brits for running circles around the U.S. in protecting consumer names and personal data. That was in 2005, when the ChoicePoint incident had just occurred, and data breach legislation was the talk of our congressional leaders. Almost two years later and you would think nothing had happened in between. Yeah, only 100 million-plus private records lost or stolen, resulting from over 400 data breaches. And this Congress is still standing around talking about the problem. Pathetic! The UK Data Protection Act of 1998 provides constraints on the use of consumer names and private information requiring notification of use to the Information Commissioner’s office. It stops just short of my concept to put the control in the hands of the individual. Just two weeks ago the Brits announced they are cracking down on the reckless use of personal data with sentences of up to a two year imprisonment for some violations. Read more. I’ve talked personally with both the Information Commissioner’s office and people in the UK involved in this issue, and, although the law isn’t perfect—what law is?—it works, and it is better than nothing.

Friday, March 02, 2007


OSCO PHARMACY (ALBERTSONS) RESUMES PRESCRIPTION MAILINGS


After a hiatus in 2006, our OSCO pharmacy has once again started to mail reminders to refill certain medications we purchase from them. I mention this because of a privacy incident with this pharmacist a few years ago, and the fact that, in September, 2004, Privacy Rights Clearinghouse (PRC) filed a lawsuit against Albertsons for improperly using and disclosing a consumer's private and confidential medical information for purposes other than just filling prescriptions. My episode with the OSCO pharmacist involved a cavalier attitude over the safety of my Social Security number in their database, and another occasion where the checkout clerk wanted to input family personal data into Albertsons computer. The PRC case claims Albertsons was paid from $3 to $4.50 per letter it sends by the pharmaceutical companies, $12 to $15 for each phone inquiry, allegedly collecting millions annually from your private medical data. I personally confronted our Albertsons store manager about their handling of this sensitive data. To begin with, he said, he would have to contact corporate and call me back. He never did.

ORGANIZED CRIME ON THE INTERNET GETS MORE SOPHISTICATED


In the 1970’s when you used the term “organized crime,” everyone assumed you were talking about the “Mob,” or the Mafia. They are still involved in the identity crisis, but now the term organized crime has broadened to mean anyone with the technological insight to steal what has become the hottest commodity in the 21st century: your name and personal data. The Washington Post had an excellent article in December, “Cyber Crime Hits the Big Time in 2006,” which I have already blogged on once. The reason for the sequel here is to emphasize the driving force behind this new crime family. “Botnets.” Software robots that run autonomously on a series of computers that have been “taken over,” and which are the main ingredient for phishing scams to steal your financial data, such as credit card numbers. Virus protection helps, but the crooks still expect to earn around $2 billion a year in the practice. Researchers say that online fraud will get even more sophisticated in 2007. Botnets are a “kissing cousin” to artificial intelligence data mining, the primary method used by the NSA to spy on innocent Americans.

ACXION CHARGES MAY CO. CREDIT CARD BUYERS WITH MORE DATA


Whatever personal data you gave May Department Stores to get your credit card—which was probably far too much—is being increased significantly by the addition of more private information provided by Acxiom’s Infobase database. Pre-Acxiom, May Co. had what you purchased and how much you spent. Post-Acxiom, the new amount of information is staggering, and the junk mailers are charging inflated prices for your name and the new data. To start with, your income, age, children’s age, and 90 lifestyle interests from your politics to whether or not you gamble, your investment habits, reading interests, ethnicity and religious beliefs, and where you travel. This all came from Acxiom’s—it has become nearly impossible to describe the size of the personal information these data brokers have on just about every American household, but, for the sake of this post, let’s use inconceivable—database, that was reported to have an error rate of 67% by Privacy Activism in 2005, a privacy advocacy group. But you don’t have a May Co. credit card? Worry not; Acxiom is probably already selling this program to every department store in the country.

MAGAZINES ARE RIPPING US OFF FROM START TO FINISH


If you are familiar with a term called the “float” in the area of finances, then you know it is the process by which a company holds money that belongs to someone else. Like travelers checks you purchase for a trip, with some left unredeemed for months or years. And like the magazine business that bills you months in advance for your subscription, and pockets the money until it’s actually due. They both have your hard-earned cash for long periods of time before it’s cashed in or due; the question is…what do they do with it? There were rumors years ago that a data broker bought a new corporate building off the float, between the time he received money for lists of names purchased for his junk mailers, and when he actually paid the list owners. That’s easy to understand with millions of dollars going through these companies each day. But that desperation to get you to renew your subscription to Harper’s, Hispanic, Better Homes & Gardens, Ladies Home Journal, Motor Trend, Newsweek, Reader’s Digest, Rolling Stone, Scientific American, and others like them has yet another purpose. They sell your name and private information for appalling amounts of money; remember…$4 billion made annually by junk mailers from your sensitive data. The magazines above are mentioned because they provide an interesting amount of selectivity along with you name. Things like your change-of-address, phone number, gift subscriptions, college students, sweeps joiners, your lifestyle interests, Internet surfers, and they even sell your name as an “expire” after you cancel the subscription. I checked Soap Opera Digest for heavy Kleenex buyers but it’s not available. Not yet.

FRIENDS & FAMILY UNKNOWINGLY DUPE FRIENDS AND FAMILY IN CELL PHONE SCAM


I am covering this scam because it seems to occur on a regular basis, and results in you giving up your private information. It starts like, “Just a Reminder…12 days from today, all cell phone numbers are being released to telemarketing companies and you will start to receive sales calls.” It proceeds to scare you by threatening that you will be charged for the calls, and finishes with a bogus solution. Call the number listed and your cell phone number will be blocked for five years. What really happens when you call the number is that the answering party tries to get as much personal data from you, along with your cell phone number. DO NOT MAKE THIS CALL! Even if you give them only your cell phone number, it is possible to match that with your private information through devious means. Read more. I received this recently from a friend who had no idea that it was the ID crooks calling, and that friend, plus a number of their friends, called the number giving their cell phone numbers. Cell phone numbers are not being released—at least not at this point, but who knows in this new information greedy society—if for no other reason because of the lunatics that would answer in their car when their attention should be on driving.