DUMBING DOWN ON PRIVACY

I recently received an e-mail from a junk mail list company looking for lists of cell phone numbers with postal addresses. Reading further, INFO Direct says to other list managers that, if they have telephone number lists available, the company has a way of identifying which of those numbers is a cell phone. They want this list for a non-profit organization. This is mentioned in relation to a bill in the U.S. Senate to limit how cell phone numbers can be used. Senate Bill 2454, introduced by Barbara Boxer from California, contains two major components: 1) it gives consumers the right to decide whether they want their cell phone numbers listed in any directory; 2) your cell phone number cannot be sold without your permission. The bill was brought before the Senate in mid December, 2007. I received the e-mail looking for cell phone numbers February 18, 2008. My point is that the junk mail industry will go to any length to collect and sell your personal data. The question arises whether the above shenanigans could be used to skirt SB 2454, when it becomes law? Speaking about identity theft, Robert Siciliano, a personal security expert said, “…apparent carelessness and lack of concern on the part of businesses everywhere is a major factor leading to these kinds of breaches. This was in reference to just four security breaches reported in January of 2008 that outed the private information of close to one million consumers. See article. At the same time, Siciliano stated, large companies are attempting “…to blunt the strength of proposed data breach–notification legislation. And in an additional comment, “…with the exception of token yearlong access to free credit report monitoring, consumers end up with the bill. The piece goes on to highlight particular incidents and document data breaches, but you get the idea. Business and government do not want to be regulated in the collection and selling of your names and personal data unless they can write the bills that govern how they do it. Headlines like “DMA (Direct Marketing Assn.) Fears Do-Not-Mail Legislation” from junk mail publications, and I did a post on this February 28. But the real concern is shown by new lobbying efforts by companies like ChoicePoint. CP is the junk mail data broker that led off the declared procession of personal data breaches starting in February of 2005. I say “declared” because it took a California law, SB 1386, passed in July 2003, to get the ball rolling where companies were compelled to notify those affected in a data breach. Prior to that your private information was lost on a regular basis—as evidenced from my experience as a data broker—but was never disclosed. CP spent $1.4 million on lobbying Congress and government agencies in 2007, according to Int’l Business Times, through firms like the one John Ashcroft formed after exiting as W’s Attorney General. ChoicePoint and all the other data brokers and junk mail companies would like to see federal legislation that would provide standard control over their activities, as long as they can write the law…in their favor. I would rather see federal legislation written in favor of the consumer for a change, granting them control over their names and personal data. The question is, who will win?