Search This Blog

Wednesday, April 23, 2008


Dianne Feinstein, the U.S. Senator from California, a Democrat, thinks Americans need identity theft protection after the person has already become the victim of a breach. She said so in an opinion piece to the California Sacramento Bee newspaper. She isn’t alone, either on the state or federal level. Every piece of legislation out there, whether introduced or passed, even the landmark California law that exposed the ChoicePoint breach in February of 2005, is designed to pick up the pieces after your sensitive data has been stolen or lost. If this were the only option, I would say go ahead now and make the legislation federal which would give business and government uniform guidelines to work with. But it isn’t. Feinstein says, “It's time for Congress to take action and give Americans the tools they need to protect themselves.” The problem is, the legislation she introduced five years ago, which still hasn’t passed—having tenure both before and after Democrats took over Congress—works just like all the rest, kicking in only after the damage is done. There’s some good stuff in her bill, just like many others introduced since the data hit the fan in 2005. Requirements like telling victims exactly what happened, and notification of the breach. And she does want to tighten up the controls on government agencies. However, unless the victim is notified immediately—and that is never likely to happen—a stolen Social Security number could be sold by the identity thieves within the hour, and used by the underground buyer to open new credit accounts or drain the resources of current accounts before the company or government agency even discovers the breach. This is exactly what happened in the TJX (TJ Maxx, Marshalls) incident. I’m sorry but I agree with other privacy advocates that even one breach of your private information is too much. The part of the Senator’s opinion piece I like most is when she puts the monkey on the right back…George W. Bush. She commented about the administration’s instructions to federal agencies about breach notification, the culmination of which resulted in Hillary Clinton’s passport file being breached with months passing before she was notified. GWB will go down in history as perhaps our worst president ever for many reasons, not the least of which will be his desertion of, and arrogance toward, the average consumers’ privacy needs. But Democratic Senators like Feinstein could have done much more to help the consumer’s plight. She could have introduced legislation to grant consumers control over their names and personal data, while compensating them when it is sold to offer incentive to shoulder this new responsibility. I even suggested this to her three years ago. No reply.

No comments: