Search This Blog

Wednesday, March 05, 2008


If you haven’t already read it, check out the Associated Press story on how one utility company handles customers’ personal data required for providing service. Milwaukee-based WE Energies apparently allowed employees to surf the private information, snooping on an ex-boyfriend’s account, another to serve court papers, and one who owned property to look at a tenant’s finances. Documents obtained by the AP indicates that this is routine for the utility’s workers, and “a common practice in the utilities, telecommunications and accounting industries, privacy experts say.” Larry Ponemon, founder of privacy research firm, Ponemon Institute, says most of the companies are doing very little to stop it. A lobbying association spokesman for utilities said he wasn’t aware of other similar situations, but the article indicates the industry is pretty closed-mouth. I did some preliminary research and could find no other incidents recently, but this really wouldn’t be considered a breach in the sense of what happened at say ChoicePoint, TJX, or the Veterans Administration. Because WE Energies thinks they have it under control, and because the data hasn’t been used to commit a crime—at least as far as they know—the whole episode could be swept under the table and relegated to yesterday’s news. But that isn’t how Jay Foley, executive director of Identity Theft Resources Center sees it. He thinks the states, who regulate these utilities, should track any employee’s online habits who have access to the sensitive data. Things like the customer’s name/address and payment history, Social Security number, phone number, even income and medical information. I’m sorry but as far as I am concerned, it should have been a crime for those employees to look at that private information for anything other than company business. The company fired or disciplined 17 workers, but who knows what they might have walked away with. The snooping was revealed when one of WE Energies employees leaked information to the media about a Milwaukee mayoral candidate’s late payments on his heating bills. He lost. But here’s what bothers me most: The fact that Ponemon believes these workers with all this access to customers’ personal data see nothing wrong with looking at it from curiosity or for “sinister motives.” It supports what I have been saying for the last three years; the fact that many employees working in data collecting companies—and most every business is—have no respect for the private information of others. I found this prevalent in the junk mail industry list business. Where you would expect the most concern, many times you find the least. It is, of course, a similarity to the attitude of most consumers over the potential of experiencing ID theft. It won’t happen to me. God save the “Apathetics.”

No comments: