Search This Blog

Monday, March 03, 2008


Chris Hoofnagle, senior fellow at the Berkeley Center for Law and Technology at the University of California at Berkeley, has compiled a report that documents incidents of ID theft with U.S. retailers, telecommunications companies, and financial institutions. The data comes straight from consumer complaints registered with the Federal Trade Commission; 88,000 from January, March and September of 2006, to be exact. It is the first of this style of report I have seen since starting this blog three years ago that would allow consumers to make educated decisions on where to bank, shop, and what cell phone company to choose. MBNA/Bank of America leads the way in incidents per month, followed by AT&T, Sprint, JP Morgan Chase, and Capital One. Macy’s, Comcast, DIRECTV, eBay and Bellsouth have the least complaints. Hoofnagle concedes the report’s limitations: “It needs more information to be useful to consumers.” commenting in a New York Times article. You can see the full 16 page paper here. For some time now we have needed something that would convince consumers just how critical the identity fraud issue is, but, as presented, the report is “Version 1.0,” and hopefully this will expand into something that will aid the public in protecting their names and personal data. Other sources exist: a Chronology of Data Breaches by Privacy Rights Clearinghouse and a similar listing at Identity Theft Resource Center. But as these two non-profits will admit, most of the information is taken from media reports. Now here’s a wild idea. What is needed is two reporting systems to be created; one from the company or government agency committing the breach, and the second from the victims. Both sides would filter into one database that would separate and categorize the incidents, even connecting the breaching party with the victim. Federal legislation would be required to initiate both parts of the plan. First, congress would have to pass a bill mandating that any company or government agency report a breach, regardless of its severity. Another bill would give consumers control over their names and personal data, allowing them to determine how their private information is used. This would include a procedure for individual approval over any transaction using their sensitive data, with the results input to the main database for analysis. Consumer control over their private information could all but eliminate identity theft, but if something did fall through the cracks—the ID thieves are way ahead of us in technology—it would be caught in the system. But that is from my point of view. Chris Hoofnagle was senior counsel to the Electronic Privacy Information Center (EPIC) and was in charge of the organization's West Coast office, before joining the Berkeley Center for Law and Technology. He is a nationally recognized expert in information privacy law, and he has testified before the U.S. Congress and the California Senate and Assembly numerous times. In the abstract from his report, he laments over the lack of information in the identity crisis, and how this is acutely hurting both business and the consumer. Again, from my perspective, it is beyond me how we have escalated to new heights in this dilemma, considering the severity of the increases in ID theft in 2007, yet are still stagnant at the federal level when it comes to any legislation, and still lacking at the state level with laws that truly protect the consumer.


Catherine said...

Have you heard of "Wireless Skimming" yet? We have the only American made solution to a problem most people have no idea exists. The store loyalty cards in your wallet, new debit and credit cards, employee badges, door access cards and the new REAL ID driver's licenses coming in May 2008 all have RF tags in them, containing your personal data. A wireless skimmer can remotely activate, capture, clone and use this information against you. Our Armadillo Dollar ( made in Gilbert, AZ. will stop the transmission of RF while you keep one in your wallet folded over those cards. Use promo code DILLY for 20% off our products!

jonty said...

Overwhelming article regarding office privacy systems. Have you heard of wireless skimming, Its the instrument which can leak all the privacy even if you are making the privacy as credit card.