Search This Blog

Friday, April 10, 2009


In the last post, we talked about ID fraud protection services and whether or not you should pay for one. Almost everyone—that is, except for the services themselves—agrees it is a waste of money since you can do what most of them do, and it’s free. Lifelock was discussed at length because it has the most visibility due to all the press over lawsuits, but there are others. They have literally come out of the woodwork much as other “would be helping hands” have when disaster hits.

In the MSN Money article quoted yesterday, Paul Stevens, director of public policy at Privacy Rights Clearinghouse, considers these companies a “concierge” service, so if you’d be willing to pay someone to shop for you, this kind of ID theft protection is for you. Even Todd Davis, CEO of Lifelock, doesn’t disagree with that analogy. His company will also assist you when applying for credit, check for the sale of your private information on the black market, stop junk mail, provide a credit report, and, of course, the $1 million guarantee. All of this, except for the guarantee, can be done by the individual and at no cost. Todd soaks you $10.00 every month.

According to two of the class-action lawsuits, “…Lifelock’s $1 million guarantee is not a guarantee at all but just a ‘promise’ that the company is not actually obligated to fulfill.” Further, the terms of the guarantee are structured in such a way “…so there's really no way to get up into the million dollars." Basic coverage is for a “defect in product,” like accidentally forgetting a fraud alert or spelling your name wrong. Davis answers this by saying that this kind of wording is necessary to keep Lifelock from becoming an insurance company, controlled by state insurance commissioners.

One of the class-action attorneys makes a bold statement: “…that although the company is fulfilling its promise now, if there is ever a serious data breach and many of its customers are defrauded, the company may not fulfill its promise.” Examples given were insurance companies that failed to honor their flood clause in the wake of the Katrina disaster. Both attorneys and privacy advocates caution consumers that the $ 1 Million guarantee by Lifelock, regardless of its wording, is no guarantee to “ward off fraud or identity theft.” If you don’t take anything else away from this post, please believe this statement, and not just re. Lifelock, but for all ID theft protection services.

Many of you won’t listen to reason simply because you want to believe that you are covered, insuring that it wouldn’t happen to you. In a Morning Call post by Gregory Karp, quoting Consumer Federation of America who indicated most Americans won’t be in those 9 million annual identity theft victims, still says no ID theft service is foolproof. I can vouch for the fact that the crooks will always find a way around the latest technology. But CFA is impressed with a couple of companies: ID Watchdog and ID Theft Assist. So, if you must.

Wednesday, April 08, 2009


Is it necessary to pay a company for the protection of your identity? The general consensus is an overwhelming NO. Todd Davis, CEO of Lifelock, of course, does not agree with this. Neither do the almost 1 million customers of Davis’ company who pay $10.00 ever month for Lifelock to continually place fraud reports in their name for all three of the credit bureaus. The key here is the word, “necessary,” because this is something the individual can do in minutes, and for free. Are those of you who are customers feeling somewhat contrite right now, or still just lazy like most of us.

It still amazes me how today’s consumer, apathetic over the identity crisis, can rush to judgment on unproven services like this simply as a matter of convenience. I would venture a guess that most Lifelock customers don’t even know the specifics of their coverage, particularly what it doesn’t cover. A West Virginia law firm filed a class-action suit against Lifelock in 2008 charging their “…multi-million-dollar advertising campaign provided false and misleading information about the limited level of identity protection the company provides, and failed to warn them about the potential adverse impact the company's services could have on their credit profiles.”

This particular post was suggested by a reader’s comment which stated that, “Identity theft is the most dangerous scam out there.” I agree. He or she goes on to say the fraud has affected credit scores. It has. The comment closes by saying that ID theft protection is “very necessary.” My first thought was this is a sales pitch for a Lifelock clone, because the “from” line said True Credit, so I checked them out. It turned out to be another service offering credit reports and scores of the three credit bureaus for $14.95 monthly, this one run by TransUnion. I do believe these services can be valuable in keeping consumers up to date on their identity status, but I prefer the program offered by Equifax.

ConsumerAffairs is asking the question on MSN MoneyCentral: “Identity protection: Worth paying for?” And in the first sentence of this article, they quote other consumer advocates saying that Lifelock’s “…customers are wasting their money while the company’s founder insists it is the best way for consumers to protect themselves.” Todd Davis, Lifelock CEO, publishes his Social Security number to prove his point, and admits to 87 attempts to compromise his identity. However, he adds that only one succeeded in monetary success; $500 in a fraudulent loan.

In checking Lifelock’s record of complaints, ConsumerAffairs shows 6 complaints, the Better Business Bureau of Arizona gives it an “A” rating, receiving 39 complaints, all resolved, and the Ripoff Report 22 complaints. Based on this documentation of Lifelock’s customer service, the company appears to be upstanding with its subscribers.

But customer service is not the issue here. It is not a question of whether or not Lifelock’s service—or any other of these companies for that matter—is a necessity for consumers to protect their identity. The overwhelming consensus is still NO.

More on this subject next post.

Monday, April 06, 2009


The “whiners” are back in the form of the Direct Marketing Association’s (DMA) Mail Moves America coalition. They were “disappointed” by a San Francisco resolution attempting to create a Do-Not-Mail program. It’s not even binding, but it does reflect the 89 percent of the American public in support of a national registry similar to the FTC’s Do-Not-Call, according to Zogby research. SF Supervisor, Ross Mirkarimi, introduced the legislation last fall, and it was passed the end of March by a 9 to 2 vote of the San Francisco Board of Supervisors.

The PostalNews Blog said: “City Calls On California To Give Citizens Choice Over Junk Mail.” ForestEthics entered the fray again with Todd Paglia, FE Executive Director, saying, “Until now, junk mailers have stifled all efforts to give Americans what they want: an enforceable, comprehensive solution to junk mail’s waste and annoyance.” I did a couple of posts (here and here) on environmental issues in connection with junk mail, and the DMA’s constant whining over the Do-Not-Mail issue. More than 93,000 consumers have signed the ForestEthics petition for the creation of a Do-Not-Mail registry. You can sign up here.

Mirkarimi is a crusader for similar issues like when he passed the nation’s first municipal ban on the use of plastic bags. We have likely not seen the last of the Supervisor in the case of turning the Do-Not-Mail resolution into law. In support of his actions, the PostalNews Blog reports that 100 million trees a year are cut down to produce the 100 billion pieces of junk mail. Not surprisingly—after all, we do call it junk mail—44 percent ends up in landfills across the country.

Junk mail industry publication, Direct, weighs in on the whole thing with the usual bias toward junk mailers. Two points that need addressing are the article’s claim that a Do-Not-Mail resolution would do damage to the workforce, and that junk mail offers prices that are cheaper than traditional retail.

First, a statement made by Ben Cooper, Executive Director of Mail Moves America, in his claim that, “…we believe it is important that city, state and local governments not support legislation that would hurt the livelihoods of hundreds of thousands of workers.” How about the 9.9 million victims of ID fraud in 2008, costing them personally and collectively almost $10 billion. A Javelin Strategy & Research 2009 survey says that 33 percent of the respondents reported that junk mail credit card solicitations resulted in fraudulently opened accounts in 2008. On average it took each individual 30 hours to resolve the issue, some of which, no doubt, taken from work hours.

Next, at the end of the Direct piece, something from “The Lobbyist’s Take,” a statement is made suggesting that there are “…bargains available only to through-the-mail shoppers.” which would be lost with a Do-Not-Mail law. My wife is an avid seeker of bargains—even before the latest downturn of the economy turning a majority of Americans toward that lifestyle—and she finds repeatedly that junk mail is not the answer for the best price, particularly considering shipping costs that often are unreasonable when you look at the price of the item being purchased.

But you be the judge. If you want junk mail, just say nothing. If you don’t want it sign up at Also let President Obama and your congressional representatives know. Contact the White House, Senate, and House of Representatives.

Friday, April 03, 2009


Jillian Coleman Wheeler and her Grant Me Rich ploy are at it again. On March 19 she e-mailed me the following: “Whether you back the recent stimulus package or not, I think you'll find my newest blog post fascinating.” I didn’t. She continued, “It provides you with a quick overview of the otherwise mysterious process of how this bill is going to turn into grants for you and your fellow citizens.” It won’t, according to Herb Weisbaum’s article, “Free money from stimulus? Are you kidding?” on MSNBC. Most of the activity is from phony Web sites created to suck the life out of this new legitimate program. In her blog, Coleman Wheeler talks about money being funneled into Community Development Block Grants, which may be true, but that’s not what her e-mail says. As quoted above, she makes it look like individuals can participate (“…grants for you and your fellow citizens”), and Eileen Harrington, Director of the FTC’s bureau of Consumer protection flatly states, “There is no money in the stimulus package to send out individual checks to people.” Homeowner insurance mailings will take up the slack in dwindling credit card offers in 2009. DM News, junk mail industry publication, says 82 million offers were mailed in 2008, an almost 19 percent increase over 2007. Since I haven’t received one of these mailings, I cannot say if they are using any personal information in their appeal. If they aren’t, they do have it, you know; things like your percent of down payment, mortgage type and amount, lender name, purchase date, which also tells them the expiration date of your current homeowner policy, purchase price, and the list goes on. By providing this information, I am not encouraging the insurance companies to use the private data; the idea has already been hatched. If they aren’t already, they probably won’t use it until their attorneys tell them that if by doing so, they will still be able to beat the privacy laws. The Comperemedia survey also says they expect similar volume of homeowner insurance mailings in 2009 as 2008. I did a post on February 16, “Credit Card Solicitations Go Underground,” that covered the latest gimmick in credit card mailings. Instead of coming from the CC companies, now they are coming from companies you have regular dealings with who get a fee for hooking you. Your name and personal data in the clouds. You’re at 30,000 feet and you are aching for a martini. You can get one, of course, in the little individual bottle, so you give the flight attendant your credit card to seal the transaction. Bingo! You have just completed a “point of sale touch point,” according to Chief Marketer, a junk mail industry publication. You also did it when you “registered” with the gate attendant, so why not just collect all this good private individual information with a hand-held scanner and shoot it into another database. That is the thinking of the article’s author, Justin Jackson, who works for Donnelley Marketing, a subsidiary of InfoUSA. They are another data broker that ranks up there with ChoicePoint in size. Maybe it all sounds completely harmless to the average consumer, but based on 35 years as a data broker, I can tell you that it is yet another way to shanghai your sensitive data and sell it all over the world. This is only one example, but they came out of the woodwork on a daily basis when I worked in junk mail, and they are the deciding factor of why we are in the throes now of an identity crisis.

Wednesday, April 01, 2009


All my life I had been a Democrat, liberal in my outlook in the humanist point of view. Even tried to work for the Democratic Party in Arizona, but after witnessing some of the ineptitude of the organization heads, gave up, eventually deciding to withdraw my help. After some thought about how I wanted to pursue my political philosophy—which is still liberal, but not bleeding anymore—decided to become an Independent, and quickly changed my voter registration accordingly. Even then, knowing what a good President Barack Obama would be, once again offered my services to his organization in Arizona.

They didn’t even follow up to contact me; doing this to many potential volunteers as I later heard, and, no doubt, the major reason he lost the state of Arizona. I still voted for Obama, though.

Following the changeover, I did a couple of posts on Independents in May and June of 2007 you can see here and here. That stirred up some action with a couple of folks who are at the heart of the national Independent movement, who later put me in touch with my local Independent voter group, Grand Canyon Independent Voters, who is not officially affiliated with CUIP. By the way, be sure to check out the Committee for a Unified Independent Party (CUIP) site. Click on “Activist Center” at the top and look for your state’s group. Also, click on “About Us” for a wealth of fascinating information about CUIP and the whole Independent movement.

The national drive to organize Independent political thinkers has already been very successful. According to CUIP, 35 percent of American voters consider themselves independent. In Arizona, the registered number is 28 percent. The intent of the Independent movement is not to organize a new third party, rather, to give those voters who are no longer satisfied with the two-party system a way to express their political beliefs. And to have a solid organization behind them from which to get the truth about the candidates.

To give you an idea what your local Independent voters group is doing, I am quoting from a recent newsletter published by Arizona’s Grand Canyon Independent Voters (GCIV) organization. To summarize their “Mission,” it strives “To protect and further the rights of all of Arizona’s electorate.” Giving a voice to Independent and unaffiliated voters in the state. Encouraging and working with candidates to run for office. And to continue to expand our country’s traditions of democracy.

Those interested Arizonans can contact Scott Brannon at his e-mail address: or telephone him at 480-201-2162. Ask for a copy of the recent newsletter; it is full of interesting information and facts on the Independent voting movement. Currently, GCIV’s Web site is down for maintenance, but here it is for future reference:

One of GCIV’s goals—and one that should be important to any state without this option—is to open Presidential Primaries to Independent voters. As an Independent in the state of Arizona, I was not allowed to vote in the 2008 Presidential Primary. Thanks to a clinging “good-old-boy” network in Arizona’s legislature, an attempt to change this was thwarted.

Arizona could be a model where Independent voters show the rest of the country that a third voice—not party—with beliefs and ideas outside the traditional two-party system can be effective…and elect political candidates who agree. Call or e-mail Scott Brannon today.

Monday, March 30, 2009


Each of us would like to think that we are on top of our affairs, and in control of our everyday lives. That, of course, was almost brought to an abrupt halt by the Bush/Cheney assault on individual privacy. But if you thought that it was all resolved with President Obama’s inauguration, you have another think coming. Not that he may not make an attempt to solve the identity theft crisis—assuming he makes headway on other priorities like the economy, Iraq/Afghanistan wars, healthcare, education—but will he be able to prioritize this problem before it literally takes down American consumerism?

Liz Pulliam Weston, one of the best and most vocal consumer writers out there thinks there is hope, but the American public has to stand its ground. She even gives you the White House contact form, and a list of priorities to help you organize your concerns. Her concern is that she has “inadvertently” helped turn the system against you. That, of course, isn’t true, but she brings us up to date on how business has turned against the consumer, while she cranks out advice on how to be a good consumer. Some examples of bad practices are: mysterious cell phone taxes, unexplained bank statement “courtesy overdrafts,” services by cable and travel companies ending up substantially more than quoted.

Bleak, yes; but inevitable loss of our individual rights, no, according to Pulliam. She says it doesn’t have to stay the way it is in her MSN Money article, “How consumerism hurts consumers.” Here’s her take on the frightening population out there I call Apathetics: “Unfortunately, we've gotten so used to not getting what we pay for, or paying far more than we expected for what we actually got, that it's come to seem normal. Not right, but normal.” She levels on “whole industries” that have gone amok like credit cards and mortgages.

Pulliam says credit card issuers “…can change virtually anything about your agreement for any reason…jack up your rate, slash your credit limit, shorten your grace period and impose new fees with little warning and no provocation.” Further, “The way we handle mortgages in this country is far too complicated and fraught with hidden conflicts of interest for a borrower to ever be sure he or she has gotten the best possible deal.” Credit cards are one of three major sources of crooks gaining access to your sensitive data, according to Javelin’s 2009 survey on ID theft. In the past, I have identified mortgage companies as one of the largest warehouses of private information in the country.

Then the author uses harsher words, followed by a six point plan for consumers: “And you, the consumer, need to stop accepting the idea that you're a sheep for the shearing. You know the difference between fair play and foul play; so do regulators and so do businesses. Make them show it.” She then addresses Obama saying: “Mr. President, put consumers first.” Her 6-point plan includes, A Cabinet-level position for a consumer advocate, creating a consumer bill of rights, and giving the FTC some teeth.

Don’t forget now, go to the above site and let President Obama know of your concerns.

Friday, March 27, 2009


Before actually getting into the protocol for complaining, there are a couple of laws with which you should be familiar. First, the Fair Debt Collect Practices Act (FDCPA) which “prohibits debt collectors and collection attorneys from using undue harassment and other unethical practices when collecting debt.” This, according to, a website for consumers on handling debt. Second, the FTC Act, from Wikipedia, launched the Federal Trade Commission which was given the power to prevent unfair methods of competition, and/or deceptive acts or practices against consumers.

That said, I ran across a blog recently, CarreonandAssociates,com, which proves the potential clout of the FTC, even in a Bush administration. The article, “Biggest FTC crackdown on collection agency ever. 2.25 million,” published in December 2008, documents how Academy Collection Services abused their rights as a debt collector. More than 1,000 complaints were filed against the company with the FTC and states’ attorneys general. Lydia Parnes, Director of the FTC’s Bureau of Consumer Protection says, “They ignored people’s complaints and rewarded the collectors who broke the law. This is not a business model that the FTC tolerates.”

If you are wondering where I am going here, it’s all about those of you who have complained about companies like Experian Credit Bureau in the past, but felt that actually filing a complaint with the FTC was useless. And for all those “Apathetics” out there who complain to themselves, friends or relatives, but never take action on their problem. Please read the above article. If a $2.25 million fine—the largst civil fine ever obtained by the FTC—doesn’t convince Academy Collection Service to do the right thing, probably nothing will. But the system worked.

And speaking of Experian, they were fined twice by the FTC for deceptive advertising in the sale of credit reports. Once in August of 2005 for $950,000, and again in February of 2007 for $300,000. Folks, both of these fines are for the same thing, proving this company will push the envelope if it has to in the sale of your names and personal data. I did a post on Experian in August of 2006 about how they denied my right to dispute a problem. This resulted from my complete credit report mysteriously vanishing from their system for a period of two months right after I had written critical posts about Experian.

In the above Experian post, there are a total of 42 comments as of today, most of which reference problems with the credit bureau. In each case I provided the FTC online complaint site, and if readers followed through, that is a good start in mounting the drive to bring charges against Experian…again. This is only one blog, and when you search “Experian consumer complaints” on Google blog search, you get almost 4,000 hits. Hopefully many of these blogs are recommending readers complain to the FTC.

As a result of the 1,000 complaints against Academy Collection Services, the Justice Dept. filed a complaint against the company on behalf of the FTC, resulting eventually in the $2.25 million fine against Academy. So just keep this in mind when you are wronged by business, and think you have nowhere to turn. And, hopefully, FTC action against these companies will improve under the Obama administration.

Wednesday, March 25, 2009


Knowledge at Wharton, which is part of the University of Pennsylvania, published a good article recently, except that I don’t agree with some of it. It’s good because it points out the problems faced today by data collectors on just what to keep, and what to delete from their databases. In case you don’t know, this is a “data pack rat” society starting with the individual consumer and probably going right to the President’s office. We are scared to death that the very piece of information we discard will be the one that we need most next week, next month, or even next year. In part, that could be true.

Wharton mentions recent data breaches by credit card processor Heartland Payment Systems where up to 100 million personal records could have been exposed to crooks. The article says the problem has become critical, and suggests that companies might consider cutting down the amount of data they keep. So far so good. And then comes the disagreement.

Two of Wharton’s marketing professors, Eric Bradlow and Peter Fader, recommend that companies should decide what data is necessary to keep competitive, and “purge the rest.” That’s where they lost me. They obviously have never been intimate with a junk mailer’s database. Many junk mail companies keep records until the person has been in the grave longer than Bradlow and Fader would probably consider appropriate for the normal storage period. And that is not exaggeration. To junk mailers, data is forever.

The main reason given by Wharton to screen out and get rid of unnecessary data is the cost of a data breach in 2008: $202 per lost record. That is up 2.5 percent from 2007. And the point is made of the uncalled-for risk taken by companies who hoard this information which could come back to haunt their customers and competitors. During the current downturn in the economy, you’d think more attention would be given to data security. However, in a 2009 Javelin Strategy & Research report, one of the major findings for 2008 was that, “Traditional Access to Private Data Continues to Be Commonplace.”

Another suggestion by Fader and Bradlow is to use predictive modeling to identify its best customers and then “throw away original data.” An excellent point and one I espoused as a junk mail data broker for twenty years. However, many with the old kitchen table, entrepreneurial spirit thought they could be a better “decider” than a technologically advanced piece of software that employed artificial intelligence to do the job. But this should be done only at an aggregate household level, not individual, in order to protect our privacy. This also comes with a cost, but this is usually offset by the savings of not mailing to a population that doesn’t want the mail. Another big plus.

No matter what perspective you approach this from, the only workable answer is control. In my 35 years as a data broker, I can tell you that the only way to solve the identity crisis is to give consumers control over their names and personal data, and compensate them when it is sold to encourage taking on this new responsibility.

Monday, March 23, 2009


In last Friday’s post, we explored the possibilities of the pharmaceutical industry using social networks to sign up individuals who are willing to share ailments with other consumers, doctors, and pharmaceutical companies. The idea is to enlist those eligible to participate in clinical tests that could discover solutions for those who have chronic diseases. Two such networks are and There is, of course, a potential privacy problem, when reflecting on the private information users of social networks like Facebook and MySpace display about themselves, some of which has been compromised.

But on the plus side there is always that possibility someone will find that particular group research effort that will alleviate or cure their illness. This blog is, and has been, trying to weigh pros and cons of consumers giving up personal medical data, and, truthfully, it is progressing toward the establishment of electronic medical records which President Obama feels is necessary. We just have to find a way to do it right, with only reputable companies doing the warehousing, and with patients maintaining control. The latter will probably be the major obstacle in the health care industry’s acceptance of this movement.

In the public sector, is the largest database available on the subject listing over 70,000 trials in 163 countries for interested parties to search. A Los Angeles Times article also mentions another database, TrialCheck, from, as well as The piece also mentions the fact that researchers “…hope to tie the records into an automated clinical-trial matching system that will alert doctors and patients alike.” The question is who will oversee all this massive databasing of your private medical information, and just how secure will it be?

A article, “Pharma Tackles the Social Network,” mentions another potential player, Web MD, “…a site complete with interactive tools such as blogs, message boards, ask an expert, etc.,” and 54 million monthly users. Johnson & Johnson’s new acquisition of is an additional example. The article indicates that the drawback to this type of marketing is the human element because social marketing is unpredictable due to its reliability on interactive marketing for results. It also points out there are regulatory risks to be faced by pharmaceutical companies.

Yet another site covered is, created by physicians for physicians to share information. According to, Sermo has established a “strategic collaboration” with Pfizer, producer of the Celebrex, Lipitor, Viagra and Zoloft drugs. You may remember Pfizer as, perhaps, the largest breacher of names and personal data in the pharmaceutical industry. Six data breaches since June of 2007, with the latest May of 2008. Quantities weren’t huge, but neither were they always small. One, in particular, involved 34,000 employees’ names/addresses, Social Security numbers, dates of birth, phone numbers, and bank and credit card information.

Precisely why I say we have to qualify and regulate any company warehousing this personal medical data, and allow the individual to maintain complete control.

Friday, March 20, 2009


It’s bad enough that your regular personal data is winging its way around social networks like Facebook and MySpace, but would you introduce your private medical information to the same kind of scrutiny? Many are and some for a very good reason, like finding the answer to a potentially life-threatening problem. And because many people do not know they are a likely candidate for clinical trials—the research that ultimately solves many of our medical problems—the participation in these programs has been severely limited.

In a Newsweek Web exclusive by Sarah Kliff, we learn about the newest social networking experiments being advanced by the healthcare industry. The concept is to collect a group of individuals with ailments who are willing to share their experiences with other consumers, doctors and pharmaceutical companies. Right there, you say, the reason for a lack of participation is a public who does not trust their personal medical data in the hands of the pharmaceutical business. And, you would be right.

Kliff says there is a plus side for those grappling with chronic diseases to locate the clinical studies and new treatments that could help them. But there is still another obstacle that has to be overcome by these clinical trials in addition to the mistrust of drug companies, and that is participants’ concerns for their safety., a service of the California HealthCare Foundation, says that some argue targeting patients for clinical trials “…raises ethical and medical issues.” Diane Colaizzi, with the Coalition of Cancer Cooperative Groups, says “...there are concerns about the reliability of data from clinical trials where the participants might be communicating with each other online.”

Two of the new medical social networks mentioned in the Newsweek piece are and Three of the pharmaceutical companies working with Inspire, who has 100,000 users, refused to allow their name to be used, but Merck did issue a brief statement which included their commitment to programs such as this. Inspire makes its money based on a flat fee for the recruiting service provided the drug company.

The question, of course, is what information you share online about yourself that is personal. Inspire urges users to “…create an extended online profile.” They do not suggest nor recommend specific ailments, nor medications being taken. PatientsLikeMe, on the other hand, lists specifics users might add to their profiles like patient condition/disease, treatment regimens, and their outcomes. They also ask for your name, address, e-mail and birth date. Inspire does collect clickstream data, which is a history of your Web browsing habits.

I did a post back in May of 2008, “How Long Before We Accept the Inevitability of Personal Health Record Databases,” that points out the plus side of electronic health records, which is one of President Obama’s priorities. That post was preceded by a series of posts on companies that have spearheaded the field like, Microsoft’s Health Vault and Google Health. Although my gut feeling always tells me to shy away from giving up any personal data, this is a field that requires further looking into, particularly re. those companies that are warehousing this private information.

More on all this later.

Wednesday, March 18, 2009


Slate had a troubling article by Dahlia Lithwick on March 6 that positions the President as a keeper of Bush secrets. That in itself is alarming, but the piece goes on to say “…the administration clings to its bizarre decision to hold fast to the Bush administration's all-encompassing view of the ‘state secrets’ privilege, and the Nixonian view of executive power deployed to justify it.” Don’t know if this is a spin by Lithwick on what Obama actually plans to do, but, nevertheless, it is disquieting. Liberal Air America Network found 90 percent of 9,000 respondents want to see Bush and Cheney pay for their crimes in this area.

With the possibility that the new administration might find it necessary to protect its own secrets, the Slate article leads us to believe Obama might have this ridiculous idea that Americans still need to be protected from the truth. I hope not, or the President is in for some heavy criticism, and a number of verbal assaults from the privacy community. We’ve had enough of this in the past eight years, and it is time to trust the public to understand when you are leveling with them.

My major concern is that with GWB’s illegal acts of spying on innocent U.S. citizens taking up so much media time, the very core of the privacy movement, the current identity crisis, has repeatedly been shoved on the back burner by Congress, the White House and the American people.

I did a post on February 23 featuring the Javelin Strategy and Research 2009 Identity Fraud Survey Report. It’s shocking that ID theft has now taken a turn up in 2008, after dropping in 2007. The increase was 22 percent to 9.9 million identity theft victims, but the most startling news was that traditional access to private data continues to be commonplace. This is solid confirmation that the identity crisis is still dealt with as the stepchild of privacy.

During the 2008 elections I did a series of posts on Obama, the first of which asked, “Is Barack Obama the Presidential Candidate Most Likely to Protect Your Privacy?” It was a question addressed by the Ponemon Institute research firm where 40 percent of you said that protection of your privacy rights was either important or very important in deciding your choice for president. The sitting president was favored over Hillary Clinton almost 2 to 1 and swamped the Republicans .

The second was in June of 2008, and was an analysis of candidate Obama’s positions on privacy. He seemed more concerned with the Internet than the privacy crisis in general, offering no specifics on the latter. Although as a senator, Obama introduced no privacy legislation, in his presidential bid he did attack the Patriot Act, and commented that a person’s privacy must be balanced with the protection of the nation’s security. This I agree with, and it is an important component that is built into my concept giving consumers control over their names and personal data.

The third on January 23, 2009, was just after the President was sworn in and was headlined, “Will President Obama Take Action on the Identity Crisis and When?” Well, considering the banks, insurance companies and auto makers that have hit the fan both before and after Obama’s swearing in, it is easy to realize where his priorities are. But the new President has directed some attention to the environment, healthcare and education as well as the tanking economy, so I would expect the identity crisis to fit into his future list of concerns.

What do you think?

Monday, March 16, 2009


FTC goes commercial to combat misleading Experian free credit report ads. If you haven’t fallen for the come-on advertised by credit bureau Experian, you’re lucky. As we all know, almost nothing is free anymore, especially in this down economy, and Experian’s ploy is no different. The Philadelphia Inquirer reports on a series of commercials being run by the Federal Trade Commission that announces through Irish step dancers and jamming musicians that this “free” offer has strings attached. You do get a free credit report, but to do so you must sign up for Experian’s credit-monitoring service at $14.95 monthly. Some privacy advocates feel this isn’t made completely clear by the credit bureau. I used to subscribe to Experian’s Credit Manager, and when I did unfavorable posts on Experian, my credit report suspiciously vanished for two months. Coincidence? Actually, the FTC commercials are a parody on the Experian ads which had a budget of $300 million, more than the FTC’s entire budget. If you want the real thing, go to Obama’s stimulus program attracts fraudsters. What else? A down economy, millions out of work, and the scam artists are served up their entrée in the form of the President’s new stimulus package. The bad guys are coming out of the woodwork promising access to thousands of dollars in government funds, often in the form of grants. PC World says that the U.S. Congress, unintentionally of course, created a cottage industry of Web sites and e-mail spammers to carry out the fraud. Web site sucked in the suckers with a sign-up fee of $2, adding an additional $99 to their credit card if they didn’t cancel within 14 days. Not satisfied, the crooks charged a monthly fee of $49.95, plus $29.95 for a debt-related service, all of which could add up to over $1,000 for a year. Another site, followed suit, but charging $94.89 each month if the consumer didn’t cancel in a 7 day period. Stealing your money is, of course, the issue, but some are also asking for personal information, which could lead to long-term ID theft. Junk mailers don’t consider consumer privacy a “basic” of marketing. In the March 2009 issue of Direct, a junk mail industry publication, there is an article titled, “Just the Basics.” Taken from a marketing research report prepared by Anderson Analytics, it covers marketers’ concerns for their customers during a recession. Blatantly and astonishingly missing is the security of consumer names and personal data. Don’t know why that surprises me, since during my 35 years as a junk mail list/data broker, it was rare that I could engage clients or large database companies in a conversation about improved protection of customer sensitive data. Here’s the way the report stacks up. First is “customer satisfaction,” followed by “customer retention,” then “ROI,” “brand loyalty,” and a host of other technology concerns that are boring to the average reader. I would give you a link to the site but you have to sign up to access it, a move that might have been prompted by recent criticisms of junk mailers from blogs like The Dunning Letter. There is one highlight, the fact that junk mailers increasingly feel basing marketing functions overseas may not be so good, but still for selfish reasons. They were afraid of the risk, and it wasn’t as profitable. At least they are consistent.

Friday, March 13, 2009


Gone, but not forgotten. This much-used cliché represents, perhaps, the most bizarre team of individuals to ever share control over the White House. Doubtless the Obama administration will spend much of its tenure attempting to uncover the horrendous mistakes, and outright attacks on the constitution, as well as to try and understand the incompetence level of George W. Bush. It was like a modern-day burlesque act with Bush and Cheney performing as headliners under the stage name of Big Brother in their attempts to develop complete control over the people of the U.S.

I did a post back in June of 2007, “The Cloning of George W. Bush,” which revealed the extent to which he had gone in his quest for imperial authority. There was talk at the time of Dubya plagiarizing George Orwell’s novel, 1984, in an attempt to turn the United States into another Oceana, the novelist’s fictional country. Along with his conniving VP, he was able to confuse, confound, befuddle, astonish, mystify, unhinge…there aren’t enough words in the dictionary to describe their manipulating of the American public while deluding conservative constituents.

In another 2007 post—I was on a roll that year—Dick Cheney was featured in a piece depicting his participation in hijacking our privacy. It centered on the FISA court case about two plaintiffs who sued over being monitored in the NSA spying incident. They lost. Bruce Fein on Slate wrote an “Impeach Cheney” article with the sub-headline, “The vice president has run utterly amok and must be stopped.” It seemed clear then to everyone that cheney was the designer of the NSA’s warrantless spying.

It is amazing how the Bushies were able to level threats against and intimidate those who disagreed with their philosophy, while managing to curtail any investigation of what has turned out to be a corrupt administration. But they couldn’t have done it without the “architect,” Karl Rove. Other lackies included Defense Don, John Yoo, and Paul Wolfowitz. Attorney General Alberto Gonzales was, of course, the leader in W’s rubber-stamp brigade.

We were habitually told that Big Brother was doing what it did in the best interest of American citizens. That was BushSpeak for, “shut up and let me do it my way.” You might remember another demagogue that used scare tactics to lure the public into believing his rantings over how Communists were taking over the country. Joseph McCarthy entered the spotlight in 1950, one year after George Orwell published 1984, and went on to hold Senate hearings on suspected subversives which ruined the lives of folks from Washington, DC to Hollywood. Sound familiar?

I’ll close this post with one of the most egregious maneuvers of the Bush administration; that of by-passing the Foreign Intelligence Surveillance Act (FISA) for warrants in the act of spying on innocent Americans. FISA had a record of approving these warrants swiftly, and without the normal process that slowed down the court system. Many wonder if Dubya just knew it was all wrong and that his underhanded surveillance tactics would be exposed for what they really were. Illegal.

For what it’s worth, we are rid of this stigma now, but the question arises of just how long it will take to forget the Bush/Cheney era. I’m betting never. And if I didn't answer the question of this post's headline, maybe that means we need to take the subject up again later.

Wednesday, March 11, 2009


I was rummaging through some older material on identity theft and found an article from the Coalition for Data Security that must have reassured those who think it will never happen to them. First off, I tried to find their Web site but was always directed to a Go Daddy site that does talk about information security, but no coalition. I was shocked to read these three headlines from their article:

• Data security breaches almost never result in identity theft
• Data is often unusable due to encryption
• Consumers are not liable for fraudulent charges

If I were a lay person reading these headlines, I would feel reasonably comfortable that my personal data was completely secure. Of course it isn’t. They even reference Javelin Strategy & Research in the piece; my following comments will also use Javelin in disputing this nonsense. To start, although the article appears to have been done in late 2006 or early 2007, Javelin reported 8.9 million ID theft victims in 2006.

Speaking directly to the three headlines now…

• “Data security breaches almost never result in identity theft” – tell that to the 1,089,000 identity theft victims in 2008 whose data was stolen through data breaches. And that was a 22 percent increase over 2007.

• “Data is often unusable due to encryption” – according to an Identity Theft Resource Center report, only 2.4 percent of 2008 breaches had encryption. Further, Information Security Magazine says that only 22 percent of those recently surveyed by the online magazine planned on including encryption in their budget. Only two states—Nevada and Massachusetts—have laws requiring encryption, but other states have similar measures in the works.

• “Consumers are not liable for fraudulent charges” – sometimes they aren’t, but when they are it is $496 out of their pocket, plus 30 hard hours clearing up their credit problem. Victims’ O-of-P costs in 2008 totaled $4,910,400,000, $540,144,000 for those from data breaches. This also does not include any attorney fees if it is necessary to hire one.

There are other “cutesy” headlines like “The ’Don’t Lose Sleep Over It’ Breach,” which refers to information over which you have no control. Things like your telephone number, your name and address, and public records such as your home value, etc. Actually it won’t do much good to lose sleep over this kind of sensitive data because it is available everywhere. This is due primarily because the junk mail industry realized its value years ago and has since compiled it in to huge databases.

Unfortunately, certain manipulations like adding a date of birth to your name and address can produce disastrous results when it comes to stealing your identity. So, maybe you won’t lose sleep in large part due to the fact that you will check your credit report regularly for fraud. Since you have one free report from each of the credit bureaus—Equifax, TransUnion, Experian—pull one every four months. You’ll be glad you did.

Monday, March 09, 2009


Junk mail publication, Direct, attempts to mimic con man Harold Hill of Music Man in its headline, "Obama’s FTC Spells Trouble with a Capital T.” The columnist’s whining is both tiring and with a complete lack of substance. But this is typical since most of these hacks continue to defend an industry that has needed regulation for years.

The author, no doubt representing the attitude of many junk mailers, thinks President Obama’s pick of Jon Leibowitz to head the Federal Trade Commission, spells doom for the business. This, because Leibowitz is a firm believer in consumer rights, which might lead one to believe the junk mail industry isn’t. And I come to this conclusion based on my 35 years as a list/data broker, observing the concern for profits taking priority over the security of consumers’ personal data.

Apparently the writer of this article pines for the Bush administration style of consumerism, which is one of complete neglect. That is exactly what junk mailers want so they can continue to run their business in the secretive manner they have for years. They don’t want you to know how many times a day your private information is manipulated for revenues that exceed $4 billion dollars annually, and they don’t want you to ask why the name-holder—that’s you—doesn’t have the opportunity to share in the wealth.

I did a post on January 19, asking the question, "Will Federal Trade Commission Change its Tune to Placing Consumers Before Business under President-Elect Obama?” I guess I got my answer in the naming of Jon Leibowitz to head the FTC. Earlier, in April of 2008, I did two posts re. Leibowitz’s just held meeting on the dangers of behavioral or target advertising. That’s when junk mailers use lifestyle lists to zero in on households that smoke, gamble and/or drink, among a host of other consumer daily habits neatly tucked away in databases.

The Direct author tells of an interview in 2006 with Leibowitz, quoting the commissioner as saying “online information can be personally identifiable even if the advertiser doesn’t have a Web site visitor’s name or address.” When Leibowitz continued explaining that there are unique identifiers that can lead to a person’s true identity—which there are—he was called “ludicrous.” What is lucicrous is that these journalistic cheerleaders don’t want you to know just how much junk mailers know about you.

The junk mail industry has been able to get away with a lack of regulation for years—except for minor instances like being required to let you opt out of having your name and personal data sold, and a major move by the FTC when enacting the Do-Not-Call registry. The first is buried in any advertisement you receive; the latter, of course, was a matter of consumer demand. The reason Congress has failed its constituents on this issue is that they don’t have enough understanding of junk mail to create effective legislation. And…US consumers haven’t demanded it.

I’m ready to enlighten Congress. It’s up to you to make sure they do something. Contact: House of Representatives; Senators.

Friday, March 06, 2009


The FTC has just released their 2009 report on top consumer complaints for the year 2008. For the ninth year in a row, identity theft remains a strong number one with 313,982 complaints representing 26 percent of the total received. Keep in mind: these are actual complaints filed by real victims in incidents of identity theft. In case you aren’t familiar with the procedure, here is the FTC’s site. As you can see, they are fairly thorough in their explanations and instructions to consumers who need help.

I have been told by readers of this blog that the agency is useless in their attempts to solve problems with business or government. To a point, I agree, as do many top privacy advocates. But many of these concerns do stem from the incompetence and/or unwillingness of the Bush administration to do anything for the average consumer.

However, there are two major reasons why you should file a complaint when wronged. First, it goes into reports like the one I am covering here today, and becomes a tool used by the privacy community to convince Congress and the new White House to strengthen privacy law. Second, President Obama has named Jon Leibowitz, an FTC commissioner since 2004, and the lone Democrat on the commission, to serve as FTC Chairman. And yes, that means something, because it has become obvious we cannot depend on the Republican side of the aisle to do anything for the average consumer.

That said, let’s now turn to the FTC’s 2008 Top Consumer Complaints Report.

ID theft was ranked number one for the ninth straight year, receiving 313,982 complaints, representing 26 percent of the total of 1,223,370. Here are the hard facts folks. This is an increase of 21.5 % in identity theft over 2007, with a whopping 50.3% more total complaints registered with the FTC in 2008 over 2007. And here’s another revelation. Complaints against credit bureaus and other data purveyors rose from not even being counted separately in 2007 and 2006 to number six in 2008 with 3 percent of the total. I’d like to think The Dunning Letter, in its coverage of the Experian Credit Bureau’s treatment of consumers, had something to do with this.

The credit bureau entry into the race actually bumped sweepstakes and lotteries into the number seven position, which is significant when you consider the scams in that category. Another “newbie” is banks which are in control of much of our personal financial data, and don’t seem to always realize its value on the Internet black market. Junk mailers, including catalog sales, came in third, and Internet services came in number four.

My next grassroots movement is to convince American consumers they should demand to know everything that is in their credit reports, including any credit scoring techniques, including results, used by business to extend credit. And it should be free every quarter, not once a year, based on the fact that identity theft can happen at any time. Further, individuals should be able to correct their personal information within days, not months or years, as some of my readers have charged in their experiences.

Wednesday, March 04, 2009


Here’s another of my pet peeves; people who still reply to advertising offers that are obviously too good to be true. I know we’re in a desperate economy, but that doesn’t mean you should fork out more money to get taken by the crooks. The latest is apparently rebate processing jobs, according to an MSNBC article by Herb Weisbaum. In general, the work-at-home scam has been worked over for years in the media, but the suckers are still out there and the bad guys know it.

Cindy Dalton tells us Rebate Processor Jobs is, “…unlike anything you may have heard of before! That's because this is not some 'get rich quick' or MLM program. This is actual, get paid every two weeks, work!” Denial works every time as part of the “convincing us” formula. Cindy will help you make from $200 to $1,000+ per day…if you pay her $39.00 first. Of all the complaints received by Gary Almond, vice president of the Los Angeles BBB, he says not one indicated they had made one penny. Along with Process At, Rebate Processor gets an “F” rating from the BBB.

Angel Stevens fronts for Process At Home, and she exclaims you need no experience, education or special skills, but you are guaranteed an “immediate position.” That’s a new way to make the pitch sound more official. Further, the latter will put up to $225 a day in your pocket. But wait, there’s more! It only takes you 60 minutes to make that. Now I’m sorry but anyone who bites after that is not working with all their faculties. If that wasn’t enough, one woman paid $197, apparently without first checking the BBB.

The National Consumer League has a couple pages of tips to stay out of harm’s way. Most are so obvious they shouldn’t have to be said over and over. To start, know who you’re dealing with because the scamsters just continue to come out of the woodwork. And it’s incredibly easy to broadcast millions of e-mails, so check out each one you plan to follow up on carefully. In other words, do your homework before you react. There are eleven tips in all, and I recommend that you visit the NCL site before you make any move on future work-at-home offers.

Someday, hopefully, there will be an official clearing house we can go to that will cover all categories of fraud, carefully grouped for simple searching techniques that don’t discourage the average consumer. I know, there are many organizations that document scams, but I am talking about an all-encompassing agency environment similar to the FTC’s Do-Not-Call Registry. I know I have a tendency to depend on government controls and regulation, but after what we have witnessed since last Fall, apparently the business world cannot be trusted to regulate itself.


Monday, March 02, 2009

This is Part II of Grant Hall’s article, “Stalking Solutions.” Part I was posted last Friday. Grant’s e-book, Privacy Crisis, is one of the leading advocates in the field for individual privacy.


Part II

By Grant Hall


This writer has written extensively on the techniques necessary to conceal personal and investment funds for privacy purposes. While the needs of each individual will vary greatly, generally speaking, the use of entities including trusts, Limited Partnerships and LLC’s are valuable for privacy and asset protection. Additionally, check cashing stores and an anonymous safe deposit box prevent the freezing of accounts and any link to the funds once checks are cashed.
Useful websites for money and “banking” privacy are and


While work privacy can be accomplished most easily by certain practitioners and the self employed, shielding one’s work place will be a challenge-especially for the majority of people who derive their income from wages, salaries and commissions paid by a traditional employer.
When one desires vocational or professional privacy, a sound plan is necessary in order to eliminate one’s name and Social Security number from any number of data bases that store this information. Trusts and LLC’s have been used with success as the employer and this re-structuring of the employer/employee relationship has been accomplished through negotiating with flexible, open-minded employers. A win-win situation for both parties will facilitate the negotiating process.


Through the use of the aforementioned mail drop nominees and re-mailing of sensitive letters, one can keep their postal mail their own business.
The traditional one and two year cell telephone contracts-complete with a credit check that the public usually opts for is a definite no-no for the serious privacy seeker. You will want your entire communication system to reveal no link to your name. Therefore the purchasing of a cell phone off the shelf with no contract or registration requirements assures private telephone calls. Land lines at home are not a good telephone option. Land line telephones can be traced and the physical location of the telephone can be obtained.
Proxy servers enable the computer user to surf the net without being recognized by their IP address. The best companies provide a different IP address once or twice daily. When an anonymous proxy server is used in conjunction with email addresses that have no resemblance to your identity, computer security is greatly enhanced.
Computers should be purchased with cash. Software and all computer-related materials and online purchases are necessarily purchased with anonymous debit cards, money orders or cash.
Internet Service can be privately obtained through the use of company held accounts or an account can be secured by a nominee as explained in Privacy Crisis.


Ohlson, Kristin, Stalking the Divine: Contemplating Faith With the Poor Clares, 2003, Hyperion
Hall, Grant, Privacy Crisis: Identity Theft Prevention Plan and Guide to Anonymous Living, 2006, James Clark King, LLC (eBook available at:
Copyright: James Clark King, LLC, August 28, 2008

Friday, February 27, 2009

Grant Hall’s e-book, Privacy Crisis, shows readers “where to get the goods and services to remain invisible.” Grant is a hardcore privacy advocate who portrays the personal data collection system as completely out of control, and provides consumers a way to solve their individual situation. This is a continuation of a series of guest articles in which I feel readers will have interest.


By Grant Hall

One in twelve women will be stalking victims during their lifetimes and most stalkers are ex-husbands and previous boyfriends (Ohlson).
More than eighty percent of women who are stalked by ex-lovers are assaulted by their stalker and thirty-one percent of these women are sexually assaulted. Seventy-six percent of the women murdered each year were previously stalked by their killers according to Ohlson who wrote Stalking the Divine: Contemplating Faith With the Poor Clares.
Since the odds of being stalked and harmed by a tormentor increase when accessible information is readily available, a prudent plan to avoid these dangerous individuals would be the implementation of a high-level privacy plan.


One’s home address is the quickest link to their physical location-unless privacy tactics are in place.
Homes can be owned anonymously through the use of a Trust and an Administrative Trustee can sign any and all required forms on behalf of the Trustee-the manager equivalent of the trust (Hall).
Mail drop nominees can be used to receive and forward mail thereby avoiding the use of a home address for mail communication purposes.
Only trusted friends and relatives should have access to a privacy seeker’s home location.
Without a link to a victim’s home address, a stalker’s efforts toward harassing a victim at their physical location will be thwarted.


The importance of separating one’s name and home address from their car is a necessary privacy tactic to avoid having the normal driver’s name and address surface when data bases are searched.
A trust is the most private entity as only those forming the document and those included in the trust documents have a need to have knowledge of the provisions of the trust. A trust does not have registration requirements.
Trust owned automobiles are more easily insured than those owned by Limited Liability Companies and Corporations in most cases. And when the trust owned car is registered properly with the Department of Motor Vehicles or other state agency, there will be no mention of the trustee and normal driver on the automobile registration. This important detail assures the driver absolute and total privacy as he or she travels.
Stalkers frequently hire individuals who have access to automobile registration data bases in order to locate their victim’s car and address.


Today, many states allow for the freezing of a consumer’s credit files. This is a huge privacy advantage and should be accomplished in order to preserve privacy.
Once credit files are frozen, only the consumer’s release of a password allows for the viewing of the credit file.
Serious privacy advocates never provide their home address to anyone except those in their close circle of friends and relatives-and this includes the credit bureaus and ALL businesses.

Part II of “Stalking Solutions” in my next post. In the meantime, visit Grant Hall’s site for lots of free information and his e-book, Privacy Crisis.

Wednesday, February 25, 2009


They are lurking out there again as they always do around tax time. Although we have gone through the attacks before, we will suffer and encore of identity losses between now and April 15 that makes me wonder what it will take to convince consumers never to give up their personal data unless they are sure who they are giving it to. Maybe we could enlist all of you that were made victims in 2008 to spread the word around that this is a fraud.

The Dept. of Homeland Security has taken notice of what’s going on and issued a bulletin on the scam from its U.S. Computer Emergency Readiness Team (US CERT). Just scroll down and click on “Feb. 6, IRS Stimulus Package Phishing Scam” to get the details. You’ll be asked in an e-mail to provide your private information by following a link to the crook’s website, or to complete an attached document. No matter how much they are offering you in a refund, don’t do it. The IRS never corresponds with taxpayers for matters like refunds or asking for personal data by e-mail. They only do it by regular mail.

Homeland Security gives a link and encourages users receiving fraudulent e-mails to forward the message to their e-mail: There are also four points supplied to help the public mitigate the risks. If you read this and have a friend or relative, or business associate you know to be somewhat apathetic about the possibility of someone stealing their identity—and there are hundreds of thousands out there—I urge you to suggest that they visit this site.

As always, you can depend on MSNBC’s Consumer Man to cover the latest scams. Herb Weisbaum’s article, “Latest 'phishing' scam lures you with tax return,” talks about how the bad guys suck you in with a promised tax rebate. And who can resist that? Unfortunately, a lot of “gullibles.” That’s my term, and I’m sorry, but after years of grinding away at what to avoid on this issue, there are still those who bite. Someone should do research on the victims so we might begin to realize just how to solve the problem.

As Weisbaum indicates, the scam does deal with a substantial refund, and these are tough times when you just hope that today will bring better news, and, then, there it is. The author calls it a “sense of desperation” that is known to exist by the crooks, and which they prey on with the utmost sophistication.

They ask for your Social Security number, date of birth, mother’s maiden name, credit card information, even your ATM PIN number. First of all the IRS already has your SS#, and why could they possibly need the PIN for your ATM card? Red flags are hoisted all over, but all the victim is thinking about is the promise of something they probably already know they don’t have the right to. As the article indicates, the IRS does not send refunds by e-mails, don’t audit people by e-mail, and don’t collect taxes by e-mail.

CAUTION: If you get one of these e-mails, first, forward it to the IRS e-mail, above, then DELETE it at once, and never look back. Then help everyone you know to avoid the scam.

Monday, February 23, 2009


“For the first time in the past five years, identity fraud rates increased over the prior year. Yet during the same period, average consumer costs decreased sharply, according to the new Javelin report on identity theft.” Discouraging, yet somewhat encouraging. But some figures in the “Executive Summary” are downright frightening.

• Identity Fraud Victims Increased 22% to 9.9 Million in 2008
• Existing Credit Card Frauds Drive Expanding Incidence Rates
• Economic Downturn Historically Results in Increased Domestic Fraud
• Traditional Access to Private Data Continues to Be Commonplace
• Social Security Numbers/name and address Top Compromised Data among Victims

Let’s explore each of these points with hard figures. 1.8 million more ID theft victims in 2008 over 2007 means an additional $892,800,000 out of the consumers’ pockets, and $7.8 billion lost by business. Total loss for 2008 is $48 billion compared to $45 billion in 2007.

Annual credit card fraud grew by 16 percent from $19 billion to $22 billion in 2008. New credit card accounts fraud also rose by 20%, from $15 billion to $18 billion. For four years now, I have been expressing my concerns over unsolicited credit card mailings in this blog, one of the vehicles the crooks use to open new accounts.

With the unemployment rate topping 7 percent and thousands more jobs lost each month, there is desperation in the air in this economic downturn that is not likely to end any time soon. It provides the perfect environment for fraud, and today the fraud of choice seems to be stealing someone’s identity with whatever financial gain the crooks can extort. This demands the closest scrutiny ever for any transaction involving personal data.

While online access to private information remains at 11 percent according to the 35 percent of victims knowing who accessed their data, traditional access is still extensive. Things like the losing or stealing of your wallet, checkbooks or credit cards, totaling 43 percent of incidents where access is known. And here’s the kicker…a point I have been harping on for two years. There was an increase in data used that had been stolen and held for use until the one and two-year time periods ran out for free credit report inspections given by the breachers. I still believe this is the biggest threat to the security of our sensitive data.

Don’t give away the bank…in this case your Social Security number. In 38 percent of Javelin’s survey respondents, the data compromised was SS numbers. Name and address accounted for 43 percent, and when you add date of birth to the latter, that is all that’s necessary to wreak havoc with your credit.

Along with all the above, when you consider that the resolution time to correct the problem climbed again to 30 hours in 2008 from 26 in 2007, it should be obvious to all that protection is the way to go, and I don’t mean paid protection but simple preventive measures consumers can use on a daily.

An interesting point: with the millions of individuals buying protective ID theft services in 2008, we still had a 20.7 percent increase in fraud victims as a percent of U.S. population. From 3.58% in 2007 to 4.32% in 2008. Think about it.

If you want solid, thorough and concise information on how your identity can be breached, and how you can protect yourself from fraud, go to the Javelin 2009 Identity Fraud Survey Report – Consumer version. There is no easy way to handle this dilemma, and until the American public realizes that they must take responsibility in the protection of their names and personal data, we won’t see an end to the identity crisis.

Friday, February 20, 2009


Based on my 35 years as a list/data broker, I have tried to convey to readers the danger of how junk mailers, and non-junk mail companies, recklessly collect, manipulate, and sell your names and personal data. It is rare that I can digress and talk about a junk mail company other than to criticize.

Vermont Country Store has been around for 64 years doing what most good catalogs do best: unearth the unusual for its customers. But Lyman Orton, the proprietor, resurrected an item recently that is sure to spice up the demure Vermont company, and bring back memories of my catalog days. I’ll explain the resurrected part later.

Lyman, age 64, added sex aids to the pages of his catalog known for selling heavy-duty toenail clippers and pine tar soap, according to an article on MSNBC. Items like pleasure gels, arousal creams and a six-speed vibrator. In case you aren’t familiar, that’s another name for dildo. But six-speeds? And that is where the “resurrected” part comes in.

When I was director of marketing for the Sunset House catalog some 30 years ago, we received a letter from one of our female customers who exclaimed that we had saved her marriage by introducing a six-inch vibrator to our catalog. In over two pages of hand-written copy, she praised this new item as if it saved her life, not her marriage.

The letter was circulated among top executives with everyone, of course, adding their own personal comments. The episode was talked about for a while, then forgotten. That is, until we received a second letter from the same customer. It was much more serious.

She started by thanking us again profusely for selling the six-inch vibrator in our catalog. She even stated that her marriage was still as healthy as before, but she did have a request. She had heard somewhere there was a nine-inch vibrator available. She implored us to please include this new version in our next catalog.

The catalog’s merchandise people had already reviewed the item and it was front-and-center in the next edition. Needlessly to say, we were thanked for coming through again.

It’s nice to write a feel-good story like this, and there will be a follow-up in the future reporting on how Vermont Country Store eliminates junk mail through predictive modeling, a practice that many junk mailers shun. In the meantime, visit their site here.

Wednesday, February 18, 2009


It would seem Facebook founder, Mark Zuckerberg never learns. Once again he changed policy granting the social networking site the ability to control users’ information forever, even if you cancel your account. Zuckerberg apparently did not take heed after the 2007 debacle where he had to back off a tracking tool called “Beacon” that displayed customers’ shopping habits and activities all over cyberspace. In another article on MSNBC, he recanted again just a day after the latest boondoggle, when apparently tens of thousands of users complained. Zuckerberg said the move was temporary, until the company develops new terms defining its privacy policy. What that means to me is that Mr. Z hasn’t yet comprehended the right of the individual to maintain control over their names and personal data, and, believe me, this is not only a Facebook problem. This is the dilemma of the entire data collection business. On the other hand, Maine police credit Facebook in the solving of a crime by posting pictures of teenagers who vandalized a crime caught on surveillance cameras. President Obama reneges, somewhat, on “open government” policy. It seems Justice has decided to retain some Bush policies on keeping the data collection and secret surveillance of U.S. citizens. They want to determine whether it will conform to the rewrite by the new administration of the Freedom of Information Act guidelines. After former Attorney General John Ashcroft supported Bush’s warrantless domestic wiretapping, Obama pledged “an unprecedented level of openness in government.” Several requests are pending based on the FOIA re. the former administration’s tactics, and there is some doubt if these will ever be satisfied. I think most everyone agrees we should look to the future and not belabor the past, but when the American public has just experienced the worst case of Big Brother since Orwell’s 1984, many agree that we should at least know what really happened. The question today is who we can trust to define what information is too sensitive for release to the public? Opinion piece in junk mail industry publication, DM News, promotes respecting consumer privacy. David Henkel, President of Johnson & Quin, specializing in printing, mailing, and database management for junk mailers, says “Consumer privacy must be respected.” He talks about personalization in the business of reaching the right customer with the right offer, and how it must not be carried too far. Targeting is good if it does not get into individual household personal data that clearly invades the person’s privacy. Things like whether or not you gamble or drink, what specific ailments you suffer from, and what medications you are taking. Targeting can be accomplished at acceptable levels larger than the individual household. But Henkel really caught my eye when he started talking about how customers’ credit card numbers are stored by junk mailers, those you buy from, even if you haven’t made a purchase for years. As the director of marketing for a large catalog company, I can confirm that the credit card number was maintained as a normal part of the customer’s record. That was awhile ago, and it occurred to me that we need to know what junk mailers are doing about this today in a much more volatile marketplace. Report on this later.

Monday, February 16, 2009


If your income is less than $100,000 annually, you received 26 percent less credit card offers in 2008, compared to 2007. A prime example of how the junk mail industry manipulates your personal data to maneuver consumers to respond the way they want them to. According to Mintel Comperemedia, who does research for junk mailers, announcing in a ConsumerAffairs report, funds for lending were down, and with the credit card companies already losing on current loans—apparently from those with incomes less than $100,000—they cut mailings back significantly.

Does that halt the barrage on our mailboxes? Not really. They just found another surrogate: businesses you are already dealing with that veil the solicitation under their name, hoping you will make the assumption they endorse the credit card offer. Of course, the business gets a cut from each application returned.

It goes like this. Holland America Line’s headline exclaims: “Presenting the Holland America Line Rewards Visa Card…Your next cruise is closer than you think.” We are cruisers but we have never been on Holland America, so why would I feel any relationship toward them. This is relationship marketing, or affinity, or third party, meaning the company uses their relationship with the customer to sell you something they have absolutely no control over if something goes wrong.

On the other hand, we have been on Princess Cruises, from which we have received two offers in the last couple of weeks. U.S. Airways has hit us twice in the same period of time, and the list goes on. This has been going on in junk mail for at least 35 years, and in bad economic times can be a boon to both of the businesses involved. By sharing the cost of the mailing, or riding piggyback in the company’s regular mail, everyone wins, except the consumer.

I say that because a 2009 survey just released by Javelin Strategy & Research says that 33 percent of the respondents reported that new credit card accounts were opened fraudulently in their name in 2008. That’s an increase of 27 percent over 2007. It only takes the crooks a few minutes on the underground Internet to buy your personal information like Social Security, date of birth, etc., and they are on their way.

You may eventually prove to the credit card provider that you weren’t the bad guys, but you will have a much larger battle convincing the three credit bureaus, Equifax, TransUnion and Experian, to correct your credit history, especially Experian. As an example, the average resolution time to fix your credit in 2008 was 30 hours, up from 26 in 2007.

In the near future I am going to review the complete Javelin 2009 Identity Fraud Survey Report. Here’s a preview of what they found. Identity fraud victims increased 22 percent to 9.9 million in 2008. Economic downturn historically results in increased domestic fraud. Traditional access to private data continues to be commonplace (emphasis added by me). For the consumer version—which I highly recommend reading for some great insights into preventing or dealing with ID theft—go here.

Friday, February 13, 2009


Wikipedia defines the “inside job” as “…a crime, usually larceny, robbery or embezzlement, committed by a person with a position of trust who is authorized to access a location or procedure with little or no supervision, e.g., a key employee or manager.” It goes on to identify former employees knowing the company’s layout as potential perpetrators. In Wednesday’s post, “IDENTITY THEFT INCREASES 47 PERCENT IN 2008 OVER 2007,” I quoted a just published report by Identity Theft Resource Center (ITRC) finding that Insider theft doubled in 2008 over 2007. When the times get bad, the bad get smarter.

At the end of 2008, there was an article from MSN Money with some facts that are both scary and eye-opening. It stated that 18 percent of the corporate world saw an increase in monetary theft among employees, with another 41 percent unsure. Here’s a statement that should jar any company: “Employers are hot targets for theft because workers "…know their systems, controls and weaknesses, and they can bide their time waiting for the right opportunity." This from Jack L. Haynes Int’l, supplier of workplace crime-prevention services.

And the employees guilty of the biggest heists frequently are the most highly trusted. These are the ones who can get into company computers and make off with your names and personal data. They are close to it every day, often with unlimited access. I am not just talking about junk mail databases of millions of names and private information, but also non-junk mail companies that also warehouse your sensitive data. Folks, there are few corporations out there that don’t maintain thousands of personal records on their customers and/or employees.

A Pricewaterhouse study even found that senior-level workers that had been around over seven years were responsible for 25 percent of all reported internal fraud. Most are men and they are well educated. Jack L. Haynes Int’l reports that about one out of every 28 employees was apprehended for stealing in 2007. Combined, these are all the ingredients for a disaster if the downturn in the economy gets worse and more people get desperate.

TechNewsWorld said it back in 2007: “A ticking time bomb of sorts is hidden away in the cubicles and workstations of many businesses. When it goes off, the personal financial information of customers and workers could be laid bare.” Yet one more survey provided some of the most significant findings. A Compuware commissioned study by Ponemon Institute revealed that 75 percent of all breaches in the U.S. were caused by insiders, while only one percent by external hackers.

So what’s the solution?

Bring the consumers of this country together to demand that Congress and the new administration get together to pass legislation that gives consumers control over their names and personal data. In the same bill, allow for compensation to the name-holder when it is sold to encourage individuals to assume this new protective responsibility. Now is your time to be heard. Contact your U. S. Representative; your Senator; The White House.