My wife made a purchase recently at a farmers market using her credit card to complete the transaction. This is one of those planned events held in shopping centers and strip malls across the country which frequently produces unique items you can’t find anywhere else, made by the very people from whom you are buying. It’s an experience thousands flock to regularly, but it could be a disaster in the making if some changes aren’t made.
In December of 2003, the Fair and Accurate Credit Transaction Act-FACTA was passed, which specifies that no more than the last five digits of your credit card number can be printed when you make a purchase. However, the law governs electronically printed receipts, and doesn’t apply to transactions where the number is either written or executed by an imprint. In other words, thousands of times daily, credit card numbers, maybe yours, are recorded on paper that may or may not be secure.
The merchant used the old-fashioned imprint machine to record my wife’s credit card information, which clearly states the full sixteen digit credit card number. From experience, I know he or she must deposit this receipt to a business account for credit, so, hopefully, it won’t be lost. What worries me is just who, and how many, other people see this number in the trip to the bank.
The “mom and pop” merchants in this country are the very backbone of our great system of commerce. They should be given considerations, but not at the expense of losing my identity to thieves that lurk at every corner…and farmers markets. Folks, they are everywhere, as evidenced by the outbreak of security breaches in 2005. Give them a grace period to comply, like Visa and MasterCard did all the other merchants, and make them stick by it.
You would think that one of the first things lawmakers would do after the recent rash of breaches would be to plug the loopholes of existing law to better protect the consumer. Just imagine that the person who took my wife’s credit card number goes to a bar for a drink on the way to the bank, and someone steals all the daily receipts. Then, multiply that possibility by thousands of transactions like this every day.
ChoicePoint, LexisNexis and other data brokers do pose a huge threat to the security of our identities. They can lose millions of personal records in one quick event—illustrated by CardSystems exposing 40 million credit cards in June of 2005—and need to be controlled to prevent this from happening. But alas, it is not likely, with either current law or the recent blitz of identity protection legislation.
Real security will be accomplished only by individual consumer control over their name and personal data.
The Pittsburgh Post-Gazette printed an article by Robin Sidel from the Wall Street Journal “Identity theft—unplugged,” that quotes some recent figures from Javelin Strategy & Research. Some 29 percent of victims in the survey said their private information was stolen when they lost their wallet, checkbook or credit card. The balance of 71 percent is attributed to someone from the outside initiating the theft.
Most privacy experts agree that a large number of ID thieves get their information from traditional, low-tech sources. Even a family member, friend…or small neighborhood merchant.
It is time to update FACTA and include all merchants, no matter who they are, and seal this big hole in the ID theft dike. In the meantime, if you must make one of these purchases, let the businessperson know that you realize your personal data could be in jeopardy.
Tuesday, April 11, 2006
Thursday, April 06, 2006
What's Your Name and Private (or Public) Information Worth?
As a junk mail shopper, your name could be worth around $65 to you personally on an annual basis. More or less, depending on how many times you buy. The total take each year on consumers’ names and personal data is $4 billion from junk mailers, a part of their business they would rather you know very little about. With each purchase, you have the option to check that you do not wish your name “shared” with other junk mail companies. They will never tell you that your name and private information is sold, over and over and over.
So you don’t think the $65 is enough to worry about? Then let’s put just half of that $4 billion every year in a simple interest-bearing account until you are age 65. Bingo! Retirees could supplement their retirement income with an average of $607 monthly; again, more or less, based on buying habits. Sound better? It could happen if Congress got off their duff and passed federal legislation giving you control over this data.
And that’s only the junk mailers. Your private and public information is being sold by thousands of data brokers other than ChoicePoint and LexisNexis. The SWIPE Toolkit knows this, and has come up with a great site that shows you just how much you are worth. Go to their calculator and you’ll be blown away by what you see. Click “Data Calculator” first, then, “Launch” on the left and you’re on your way.
Trying it myself, I selected address, date of birth, unpublished phone number, Social Security number, credit records, driver’s license info, and voter registration. Total: $40.25. And, that’s only one report out of thousands that are sold daily. I found the SWIPE Toolkit in a CNNMoney.com article by Jeanne Sahadi, “You want a piece of me? Pay me.” She is saying what I have been saying for the last several years, that the name-holder should have control over their name and personal data, and be compensated when it is sold.
Sahadi asked Chris Hoofnagle, “who owns this private information.” Hoofnagle, Director of the West Coast Office and Senior Counsel for Electronic Privacy Information Center, replied: “Whoever possesses it.” The EPIC has been fighting vigorously for years to protect your privacy, so you can understand the frustration in this statement.
And yet another new entry into the private information marketplace, reported by Washington Post columnist, Don Oldenburg, in his article, “Everything You Ever Knew About Yourself—for $79.95.” The company is MyPublicInfo Inc., founded in 2004 to provide personal data retrieval services for consumers. I went to mypublicinfo.com and clicked on “Sample” to see what they offer. Folks, it comes out to a list numbering fifteen pages of public and personal data items about your present-day status, as well as your past.
But, you have to give up your name, address, Social Security number, and birth date to get the report. This is the same stuff an ID thief needs to walk away with your identity. They also claim no one else can get your report—the $79.95 charged should be your best protection—and the safeguards look pretty secure. However, their database is out-sourced—there’s that word again—to a firm in California.
Oldenburg quotes Beth Givens, Founder and Director of Privacy Rights Clearinghouse as saying that access ought to be “free of charge, just like they can get their credit reports for free.” I agree, and the way to solve the whole problem is to pass federal legislation that will give consumers control over their names and private information and, at the same time, pay them when it is sold.
There, I said it again.
So you don’t think the $65 is enough to worry about? Then let’s put just half of that $4 billion every year in a simple interest-bearing account until you are age 65. Bingo! Retirees could supplement their retirement income with an average of $607 monthly; again, more or less, based on buying habits. Sound better? It could happen if Congress got off their duff and passed federal legislation giving you control over this data.
And that’s only the junk mailers. Your private and public information is being sold by thousands of data brokers other than ChoicePoint and LexisNexis. The SWIPE Toolkit knows this, and has come up with a great site that shows you just how much you are worth. Go to their calculator and you’ll be blown away by what you see. Click “Data Calculator” first, then, “Launch” on the left and you’re on your way.
Trying it myself, I selected address, date of birth, unpublished phone number, Social Security number, credit records, driver’s license info, and voter registration. Total: $40.25. And, that’s only one report out of thousands that are sold daily. I found the SWIPE Toolkit in a CNNMoney.com article by Jeanne Sahadi, “You want a piece of me? Pay me.” She is saying what I have been saying for the last several years, that the name-holder should have control over their name and personal data, and be compensated when it is sold.
Sahadi asked Chris Hoofnagle, “who owns this private information.” Hoofnagle, Director of the West Coast Office and Senior Counsel for Electronic Privacy Information Center, replied: “Whoever possesses it.” The EPIC has been fighting vigorously for years to protect your privacy, so you can understand the frustration in this statement.
And yet another new entry into the private information marketplace, reported by Washington Post columnist, Don Oldenburg, in his article, “Everything You Ever Knew About Yourself—for $79.95.” The company is MyPublicInfo Inc., founded in 2004 to provide personal data retrieval services for consumers. I went to mypublicinfo.com and clicked on “Sample” to see what they offer. Folks, it comes out to a list numbering fifteen pages of public and personal data items about your present-day status, as well as your past.
But, you have to give up your name, address, Social Security number, and birth date to get the report. This is the same stuff an ID thief needs to walk away with your identity. They also claim no one else can get your report—the $79.95 charged should be your best protection—and the safeguards look pretty secure. However, their database is out-sourced—there’s that word again—to a firm in California.
Oldenburg quotes Beth Givens, Founder and Director of Privacy Rights Clearinghouse as saying that access ought to be “free of charge, just like they can get their credit reports for free.” I agree, and the way to solve the whole problem is to pass federal legislation that will give consumers control over their names and private information and, at the same time, pay them when it is sold.
There, I said it again.
Friday, March 31, 2006
National Consumer Protection Week Has Come and Gone. Notice Any Difference?
National Consumer Protection Week was held February 5-11, and there was much hoopla over protecting you from identity theft, as well as nineteen other scams listed by the Federal Trade Commission (FTC) on its site: “’Consumer Protection: It’s the Name of the Game’ For National Consumer Protection Week 2006.” The week is sponsored by several government agencies, as well as the FTC and major consumer protection organizations.
Try the FTC’s “Grand Slam Challenge” to test your ability to recognize scams, bargains that aren’t, and simple fact or fiction questions that will keep you on your toes. I did, and it’s both interesting and entertaining.
All this fanfare over protecting your rights was going on at the same time your esteemed congressional leaders were pushing legislation in the House of Representatives that severely limits your ability to learn of personal data breaches. The House Committee on Financial Services voted 48-17 to approve a bill that lets the “breacher” (data brokers, banks, junk mail companies, etc) decide if this is necessary. That’s like leaving your cat in charge of the parakeet while you’re gone. See Declan McCullagh’s story on C/Net News.com, “Newsmaker: The politics of data security.”
This dumb bill would completely zap the provisions of the California law that caught ChoicePoint and some sixty other companies, organizations and schools in 2005 that violated the rights of 9 million consumers. Ed Mierzwinski, Consumer Program Director for Public Interest Research Group, says, with this bill, there would be no notices of data breaches because the alert level is so high.
And then I ran into a site—posted just before the consumer protection week started—from junk mail’s industry organization, the Direct Marketing Association (DMA). It tells us that we don’t have to worry about identity theft any longer. The article, “ID Fraud Growth Is Contained, Finds Better Business Bureau And Javelin Study,” is not worth linking to but here are some of the facts:
• ID fraud has declined marginally from 10.1 million people to 8.9 million
(only?)
• Average fraud amount has increased from $5,249 to $6,383 (worse, right?)
• 68% of victims suffer no loss (which means 32% do)
• Time spent fixing the fraud increased from 33 hours to 40 (more bad news)
My interpretation of these facts is that ID fraud is still full-blown, but the fraudsters are becoming more sophisticated, getting more of your money with less effort. It is ludicrous to me that an organization like the DMA would state that identity theft has been contained. Maybe it isn’t so bizarre, since a measurable percent of ID theft comes from junk mail.
You may be sick of hearing it, but there is only one answer to protecting your name and personal information. Pass federal legislation that will give you control. And while we’re at it, make the junk mailers PAY YOU every time they sell your name and private data. Please, take the time to contact your members of Congress. Here are sites that make it easy: U.S. House of Representatives and U.S. Senate. Tell them I sent you!
Try the FTC’s “Grand Slam Challenge” to test your ability to recognize scams, bargains that aren’t, and simple fact or fiction questions that will keep you on your toes. I did, and it’s both interesting and entertaining.
All this fanfare over protecting your rights was going on at the same time your esteemed congressional leaders were pushing legislation in the House of Representatives that severely limits your ability to learn of personal data breaches. The House Committee on Financial Services voted 48-17 to approve a bill that lets the “breacher” (data brokers, banks, junk mail companies, etc) decide if this is necessary. That’s like leaving your cat in charge of the parakeet while you’re gone. See Declan McCullagh’s story on C/Net News.com, “Newsmaker: The politics of data security.”
This dumb bill would completely zap the provisions of the California law that caught ChoicePoint and some sixty other companies, organizations and schools in 2005 that violated the rights of 9 million consumers. Ed Mierzwinski, Consumer Program Director for Public Interest Research Group, says, with this bill, there would be no notices of data breaches because the alert level is so high.
And then I ran into a site—posted just before the consumer protection week started—from junk mail’s industry organization, the Direct Marketing Association (DMA). It tells us that we don’t have to worry about identity theft any longer. The article, “ID Fraud Growth Is Contained, Finds Better Business Bureau And Javelin Study,” is not worth linking to but here are some of the facts:
• ID fraud has declined marginally from 10.1 million people to 8.9 million
(only?)
• Average fraud amount has increased from $5,249 to $6,383 (worse, right?)
• 68% of victims suffer no loss (which means 32% do)
• Time spent fixing the fraud increased from 33 hours to 40 (more bad news)
My interpretation of these facts is that ID fraud is still full-blown, but the fraudsters are becoming more sophisticated, getting more of your money with less effort. It is ludicrous to me that an organization like the DMA would state that identity theft has been contained. Maybe it isn’t so bizarre, since a measurable percent of ID theft comes from junk mail.
You may be sick of hearing it, but there is only one answer to protecting your name and personal information. Pass federal legislation that will give you control. And while we’re at it, make the junk mailers PAY YOU every time they sell your name and private data. Please, take the time to contact your members of Congress. Here are sites that make it easy: U.S. House of Representatives and U.S. Senate. Tell them I sent you!
Tuesday, March 28, 2006
Challenge to Junk Mail List Industry: Put Up or Shut Up
Back in 2004, I was writing op-eds on the subject of protecting individuals’ names and personal data, and submitting them to newspapers around the country with good success. As the result of one titled, “Mining the gold in our names,” appearing in the Rocky Mountain News, Tad Clarke, then Editor in Chief of junk mail industry publication, DM News, took exception with the term “junk mail.” He also called my hand on sharing this revenue with the name-holder, professing that junk mail shoppers already share in the wealth by getting lower prices. This is pure bull----!
If you add up any junk mail purchase, including shipping and handling—also a profit center with some junk mailers—you won’t save a lousy cent. You’ll actually pay more, but it is done in the name of convenience…which is OK. But don’t insult mine, or the public’s intelligence, by trying to pass off this industry fallacy that has been floated for years…that you can save money. I responded to Clarke’s editorial with my side of the story and have been richly ignored since.
When The Dunning Letter was launched in April of 2005, I had hoped to hear from any junk mail professional that agrees or disagrees with my concept that federal legislation should be passed giving consumers control over their names and private information, and pay them when it is sold. I haven’t heard from anyone. In the 35 years while selling names and personal data, it has been my position that the individual should have rights of control, and a good number of former associates know that.
Not only do I know that there are those in the business who agree with my ideas, but from experience, there are many who felt the data breach episodes of 2005 were inevitable, due to a lack of industry standards for security. But all of us were too busy making money to do anything about it. That is, until three years ago when I began my research to start The Dunning Letter, and its eventual introduction as a Blog.
So why should I care? Because it is in everyone’s interest to clean up the junk mail list industry, and I believe there are list professionals out there with stories that could help do just that. Otherwise, these list brokers and list managers are destined to lose the $4 billion annually harvested from the sale of consumers’ names and private information. The public is very angry over the identity crisis, and it is only a matter of time before tough, possibly irreversible, measures are taken.
So let’s hear it junk mailers, especially the list brokers and list managers, and tell me what you think. You can roast me at the stake or hang me in effigy, but at least give me your position on this issue of protecting consumers’ names and personal data. Tell me where I’m wrong and what you would do in this matter. You can get it off your chest and we’ll all be the better for it. Just e-mail me at jack.dundiv@cox.net and tell me what you think.
The clock is running, and there is very little time left. Your industry can survive the “junk” in junk mail, because it is a nickname associated with that 98% that ends up in the city dump. What it cannot endure is the complete loss of public confidence that will occur with continuing identity breaches.
If you add up any junk mail purchase, including shipping and handling—also a profit center with some junk mailers—you won’t save a lousy cent. You’ll actually pay more, but it is done in the name of convenience…which is OK. But don’t insult mine, or the public’s intelligence, by trying to pass off this industry fallacy that has been floated for years…that you can save money. I responded to Clarke’s editorial with my side of the story and have been richly ignored since.
When The Dunning Letter was launched in April of 2005, I had hoped to hear from any junk mail professional that agrees or disagrees with my concept that federal legislation should be passed giving consumers control over their names and private information, and pay them when it is sold. I haven’t heard from anyone. In the 35 years while selling names and personal data, it has been my position that the individual should have rights of control, and a good number of former associates know that.
Not only do I know that there are those in the business who agree with my ideas, but from experience, there are many who felt the data breach episodes of 2005 were inevitable, due to a lack of industry standards for security. But all of us were too busy making money to do anything about it. That is, until three years ago when I began my research to start The Dunning Letter, and its eventual introduction as a Blog.
So why should I care? Because it is in everyone’s interest to clean up the junk mail list industry, and I believe there are list professionals out there with stories that could help do just that. Otherwise, these list brokers and list managers are destined to lose the $4 billion annually harvested from the sale of consumers’ names and private information. The public is very angry over the identity crisis, and it is only a matter of time before tough, possibly irreversible, measures are taken.
So let’s hear it junk mailers, especially the list brokers and list managers, and tell me what you think. You can roast me at the stake or hang me in effigy, but at least give me your position on this issue of protecting consumers’ names and personal data. Tell me where I’m wrong and what you would do in this matter. You can get it off your chest and we’ll all be the better for it. Just e-mail me at jack.dundiv@cox.net and tell me what you think.
The clock is running, and there is very little time left. Your industry can survive the “junk” in junk mail, because it is a nickname associated with that 98% that ends up in the city dump. What it cannot endure is the complete loss of public confidence that will occur with continuing identity breaches.
Friday, March 24, 2006
More on the IRS Selling Your Financial Data
Did you know that in large tax preparer franchises, that anyone in the organization has unrestricted access to your tax records? They do. Are you aware that many tax professionals outsource your tax preparation to contractors overseas? They do. It’s also a fact that smaller companies do not have the electronic capabilities to complete your returns and must use outside computer facilities.
In other words, your income tax data is all over the place just like your name and other private information. Read about it in William Perez’ article in About.com: “IRS Issues Proposed Regulations to Safeguard Taxpayer’s Privacy.” Perez mentions even more participants in the laying open of your financial life, which are banks, loan companies, and investment firms, that partner with the tax pros.
So now they want to open the door to marketing your financial data in the same way they sell lists like Sharper Image, LL Bean, Coldwater Creek, Brookstone and thousands of other mailing lists on the market. And you know who’s standing in line to confiscate your name and all the goodies that go with it? Five hundred list managers and several data brokers that will compete for the right to hawk 295 million tax returns to whoever has the money to buy them.
This will provide a generous increase to the $4 billion already made from your names and private information each year. And…not one penny goes into your pocket. If that doesn’t gall you, it should. Restraint is called for now more than ever, and it can be accomplished by the passing of federal legislation that will give the individual control over their name and personal data, and paying them when it is sold.
Rep. Ed Markey of Massachusetts, a Democrat, along with some other congressional leaders, apparently opened this can of worms by voicing his concern over the outsourcing of tax preparation services to IRS Commissioner, Mark Everson. Markey now seems satisfied with Everson’s regulations allowing the sale of your financial data, which is another strike against the Democratic Party.
Please tell me. How did we end up with the dimwitted notion that it is realistic to place some of the consumer’s most private information in harm’s way, after over 100 data breaches in 2005, affecting 56 million people, at a cost of $47.5 billion? And the beat goes on in 2006 with at least 10 breaches already. I’ll tell you how. The current trend by the GOP to shove as much action toward the business community that it can, protect the banking industry and the consumer be damned. Read another good piece in OpEdNews.com by Douglas Drenkow: “Backed by Big Money, Congress May Gut Identity Theft Laws.”
Two of the largest tax preparers have been involved in legal action over how they handle personal data. H&R Block is being sued by New York State Attorney General Eliot Spitzer for fraudulently marketing retirement savings plans to its customers that caused heavy financial losses. See the Reuters article on MSNBC.com, “New York charges H&R Block with fraud.” The company admits another breach in Kansas City, in an Associated Press piece, “H&R Block acknowledges privacy breach,” again, on MSNBC.com. Get this: they put the recipients Social Security number on the mail out label for software that was being sent.
As an example of general ethics, another biggie in the tax preparation business, Jackson Hewitt, had a manager of one of its locations in Michigan sentenced to 18 months in prison, followed by three years of supervised release, and ordered to pay $231,053 in restitution. Also in Michigan, a second JH manager sent up for 30 months plus three years supervision, and had to pay $229,805. Each was convicted of conspiracy to defraud the IRS by inflating the refunds of clients. You can read about this on the IRS site: “Tax Return Preparer Fraud.”
The consumer does have to give their consent for tax preparers to sell their financial data. A move that I, as a list expert in the junk mail industry for over 35 years, would consider insane. Haven’t we already lost too much control over our personal data? The public hearing on this issue is being held April 4. All I can say is I wish I could be there.
In other words, your income tax data is all over the place just like your name and other private information. Read about it in William Perez’ article in About.com: “IRS Issues Proposed Regulations to Safeguard Taxpayer’s Privacy.” Perez mentions even more participants in the laying open of your financial life, which are banks, loan companies, and investment firms, that partner with the tax pros.
So now they want to open the door to marketing your financial data in the same way they sell lists like Sharper Image, LL Bean, Coldwater Creek, Brookstone and thousands of other mailing lists on the market. And you know who’s standing in line to confiscate your name and all the goodies that go with it? Five hundred list managers and several data brokers that will compete for the right to hawk 295 million tax returns to whoever has the money to buy them.
This will provide a generous increase to the $4 billion already made from your names and private information each year. And…not one penny goes into your pocket. If that doesn’t gall you, it should. Restraint is called for now more than ever, and it can be accomplished by the passing of federal legislation that will give the individual control over their name and personal data, and paying them when it is sold.
Rep. Ed Markey of Massachusetts, a Democrat, along with some other congressional leaders, apparently opened this can of worms by voicing his concern over the outsourcing of tax preparation services to IRS Commissioner, Mark Everson. Markey now seems satisfied with Everson’s regulations allowing the sale of your financial data, which is another strike against the Democratic Party.
Please tell me. How did we end up with the dimwitted notion that it is realistic to place some of the consumer’s most private information in harm’s way, after over 100 data breaches in 2005, affecting 56 million people, at a cost of $47.5 billion? And the beat goes on in 2006 with at least 10 breaches already. I’ll tell you how. The current trend by the GOP to shove as much action toward the business community that it can, protect the banking industry and the consumer be damned. Read another good piece in OpEdNews.com by Douglas Drenkow: “Backed by Big Money, Congress May Gut Identity Theft Laws.”
Two of the largest tax preparers have been involved in legal action over how they handle personal data. H&R Block is being sued by New York State Attorney General Eliot Spitzer for fraudulently marketing retirement savings plans to its customers that caused heavy financial losses. See the Reuters article on MSNBC.com, “New York charges H&R Block with fraud.” The company admits another breach in Kansas City, in an Associated Press piece, “H&R Block acknowledges privacy breach,” again, on MSNBC.com. Get this: they put the recipients Social Security number on the mail out label for software that was being sent.
As an example of general ethics, another biggie in the tax preparation business, Jackson Hewitt, had a manager of one of its locations in Michigan sentenced to 18 months in prison, followed by three years of supervised release, and ordered to pay $231,053 in restitution. Also in Michigan, a second JH manager sent up for 30 months plus three years supervision, and had to pay $229,805. Each was convicted of conspiracy to defraud the IRS by inflating the refunds of clients. You can read about this on the IRS site: “Tax Return Preparer Fraud.”
The consumer does have to give their consent for tax preparers to sell their financial data. A move that I, as a list expert in the junk mail industry for over 35 years, would consider insane. Haven’t we already lost too much control over our personal data? The public hearing on this issue is being held April 4. All I can say is I wish I could be there.
Tuesday, March 21, 2006
Now, Even the IRS Wants to Sell Your Financial Data
Even I can’t believe this, and the past year has been full of surprises. The Internal Revenue Service has decided it should get in the business of selling your name and private information. Not directly, you understand, but to authorize every tax preparer in the country to do so. The IRS is proposing to allow tax preparers to sell the very data you provide them to do your taxes. The stuff we all thought was sacred until now.
Mind you, there have been situations in the past when certain tax information was released, but primarily for legal reasons, not for mass marketing. This is blatant government irresponsibility in the handling of perhaps one of your most personal assets. Sure, the preparer has to get your consent, but this reeks of the days when junk mailers were forced to bury that now infamous phrase in their sales pitches: we may share your name with other (junk) mailers… They don’t even have the guts to say “sell.”
In a ConsumerAffairs.com article by Martin Bosworth, he remarks that H&R Block could sell your tax return information to data brokers such as ChoicePoint, who in turn could sell it to anyone with the ability to buy. Or, as we have observed, lose it to an ID thief (my comment). Bosworth continues with a statement by Ed Mierzwinski from Public Interest Research Group: (this is) “…the same IRS that let Richard Nixon and many other Presidents run roughshod over the privacy of ordinary American citizens…”
Kathleen Pender, in the San Francisco Chronicle, makes an interesting observation: “The IRS, with a straight face, says the existing prohibitions against sharing (there’s that killer word again) confidential data with outside parties ‘restrict the ability of taxpayers to control and direct the use of their own tax return information as they see fit.’” The consent form, which is supposed to be separate from all other material, also has a “disclaimer.” It specifies that the tax preparer has no control over your name and personal data once it is in the hands of the third party—ChoicePoint, etc. Isn’t that comforting?
Jeanne Sahadi, in a piece on CNNMoney.com, says: “You want a piece of me? Pay me.” This is the position everyone should take in the selling of their name and private information. However, if you took legal ownership of your name, you’d probably bargain it away for freebies like cable or other services, according to Chris Hoofnagle of the Electronic Privacy Information Center. He also feels that, at the present time, whoever possesses your personal data, owns it.
And that’s why we must pass federal legislation that will give consumers control over their names and private information, and, while we’re at it, pay them whenever it is sold. Sahadi agrees and cautions taxpayers further: even though the IRS regulations are not final, tax preparers could ask your consent, anticipating this potential windfall. Be aware!
More in my next Post on this issue, including the “biggies” of tax preparation like H&R Block and Jackson Hewitt, the IRS Commissioner, Mark W. Everson’s part in this new regulation, and the junk mail list people now standing in line to sell your financial data found in this new treasure trove.
Mind you, there have been situations in the past when certain tax information was released, but primarily for legal reasons, not for mass marketing. This is blatant government irresponsibility in the handling of perhaps one of your most personal assets. Sure, the preparer has to get your consent, but this reeks of the days when junk mailers were forced to bury that now infamous phrase in their sales pitches: we may share your name with other (junk) mailers… They don’t even have the guts to say “sell.”
In a ConsumerAffairs.com article by Martin Bosworth, he remarks that H&R Block could sell your tax return information to data brokers such as ChoicePoint, who in turn could sell it to anyone with the ability to buy. Or, as we have observed, lose it to an ID thief (my comment). Bosworth continues with a statement by Ed Mierzwinski from Public Interest Research Group: (this is) “…the same IRS that let Richard Nixon and many other Presidents run roughshod over the privacy of ordinary American citizens…”
Kathleen Pender, in the San Francisco Chronicle, makes an interesting observation: “The IRS, with a straight face, says the existing prohibitions against sharing (there’s that killer word again) confidential data with outside parties ‘restrict the ability of taxpayers to control and direct the use of their own tax return information as they see fit.’” The consent form, which is supposed to be separate from all other material, also has a “disclaimer.” It specifies that the tax preparer has no control over your name and personal data once it is in the hands of the third party—ChoicePoint, etc. Isn’t that comforting?
Jeanne Sahadi, in a piece on CNNMoney.com, says: “You want a piece of me? Pay me.” This is the position everyone should take in the selling of their name and private information. However, if you took legal ownership of your name, you’d probably bargain it away for freebies like cable or other services, according to Chris Hoofnagle of the Electronic Privacy Information Center. He also feels that, at the present time, whoever possesses your personal data, owns it.
And that’s why we must pass federal legislation that will give consumers control over their names and private information, and, while we’re at it, pay them whenever it is sold. Sahadi agrees and cautions taxpayers further: even though the IRS regulations are not final, tax preparers could ask your consent, anticipating this potential windfall. Be aware!
More in my next Post on this issue, including the “biggies” of tax preparation like H&R Block and Jackson Hewitt, the IRS Commissioner, Mark W. Everson’s part in this new regulation, and the junk mail list people now standing in line to sell your financial data found in this new treasure trove.
Thursday, March 16, 2006
Statistics Are Boring...Unless They're Yours
When statistical surveys are taken, they use a cross-section of the U.S. to determine the probable answers to certain questions. Based on the replies from this random sampling, public opinion is measured, and conclusions drawn on issues such as privacy. The results are designed to represent the average “you,” the consumer…so, this post is directed to that happy medium.
The reason I bring all this up are two surveys I ran into recently; one re. government’s priority for your privacy, the other the same, but for business. The results are so startling—actually horrifying—that I decided to dig further to resolve just how “you” react to this shabby treatment. But first, how business and government go about protecting your name and personal data.
In a recent Chief Information Officer (CIO) study, federal agencies don’t care about your privacy unless they are forced to by bad publicity. In an article from GovExec.com, “Survey: Agency programs to protect privacy inadequate,” by Daniel Pulliam, he remarks, “…privacy programs are slipping through the cracks and fewer agencies treat them as a priority…” The respondents were top federal CIO’s, one of which stated the law governing IT security, the “2002 Federal Information Security Management Act,” isn’t worth the paper it’s written on.
Business didn’t fare any better. Some excerpts from a series of pieces done by Chief Security Officer Online: only 80 % have privacy or data protection strategy; 38 % believe their resources couldn’t adequately manage the privacy of your personal data; only 31 % are prepared to notify you in case of a breach. /MORE/ Privacy Rights Clearinghouse (PRC) reports that 61 U.S. companies experienced breaches of your private information in just the first half of 2005. /MORE/ A report by the Annenberg Public Policy Center found that 65 % of you feel secure online and 75 % believe that a website’s privacy policy translates to the fact they will not share your personal data. Both, of course, are incorrect assumptions. /MORE/
If you are hooked on numbers, go to Privacy Rights Clearinghouse (PRC), and Electronic Privacy Information Center (EPIC) for a collection of surveys and statistics on privacy-related matters that are unsurpassed, as far as I am concerned. And now, some of the many faces of “you.”
Over 9 million of you were victims of identity fraud in 2005, which was down from 2003, according to Javelin Research. However, what it cost you and the time to fix it, did go up. That means the crooks are getting more sophisticated.
The balance of statistics is listed in chronological order with the newest first. According to the Washington Post in January of 2006, 64 % of you thought federal agencies were intruding on your privacy rights in investigating terrorism, with 44% concerned that Bush would exceed his limits in order to investigate terrorism.
A whopping 32% placed your personal privacy above investigating possible terrorist threats… recruits for my new independent party based on privacy! In another Annenberg survey, an alarming number of you have false beliefs over the safety of your private information in the marketplace.
A Harris Poll found that 35% of you have “very high privacy concerns,” and 79% feel it is extremely important that the personal data collected on you is controlled. According to the American Society of Newspaper Editors, a majority of you are concerned that business and government would violate your privacy. The same study showed that another 52% of you have “very little” or “no confidence at all” that business uses your private information properly.
Eighty-nine percent of you are concerned about privacy, and 54% want Congress to pass legislation to protect your personal data. The statistics go on, but this is decidedly the place to end this post.
Join with me to get that federal legislation passed that will give you control over your private information, and will also pay you when it is sold. Write or e-mail your congressional representatives, send letters to your newspaper’s editorial page, call local TV and talk radio, and tell them all you aren’t going to take it anymore. And, of course…be sure to tell them I sent you!
The reason I bring all this up are two surveys I ran into recently; one re. government’s priority for your privacy, the other the same, but for business. The results are so startling—actually horrifying—that I decided to dig further to resolve just how “you” react to this shabby treatment. But first, how business and government go about protecting your name and personal data.
In a recent Chief Information Officer (CIO) study, federal agencies don’t care about your privacy unless they are forced to by bad publicity. In an article from GovExec.com, “Survey: Agency programs to protect privacy inadequate,” by Daniel Pulliam, he remarks, “…privacy programs are slipping through the cracks and fewer agencies treat them as a priority…” The respondents were top federal CIO’s, one of which stated the law governing IT security, the “2002 Federal Information Security Management Act,” isn’t worth the paper it’s written on.
Business didn’t fare any better. Some excerpts from a series of pieces done by Chief Security Officer Online: only 80 % have privacy or data protection strategy; 38 % believe their resources couldn’t adequately manage the privacy of your personal data; only 31 % are prepared to notify you in case of a breach. /MORE/ Privacy Rights Clearinghouse (PRC) reports that 61 U.S. companies experienced breaches of your private information in just the first half of 2005. /MORE/ A report by the Annenberg Public Policy Center found that 65 % of you feel secure online and 75 % believe that a website’s privacy policy translates to the fact they will not share your personal data. Both, of course, are incorrect assumptions. /MORE/
If you are hooked on numbers, go to Privacy Rights Clearinghouse (PRC), and Electronic Privacy Information Center (EPIC) for a collection of surveys and statistics on privacy-related matters that are unsurpassed, as far as I am concerned. And now, some of the many faces of “you.”
Over 9 million of you were victims of identity fraud in 2005, which was down from 2003, according to Javelin Research. However, what it cost you and the time to fix it, did go up. That means the crooks are getting more sophisticated.
The balance of statistics is listed in chronological order with the newest first. According to the Washington Post in January of 2006, 64 % of you thought federal agencies were intruding on your privacy rights in investigating terrorism, with 44% concerned that Bush would exceed his limits in order to investigate terrorism.
A whopping 32% placed your personal privacy above investigating possible terrorist threats… recruits for my new independent party based on privacy! In another Annenberg survey, an alarming number of you have false beliefs over the safety of your private information in the marketplace.
A Harris Poll found that 35% of you have “very high privacy concerns,” and 79% feel it is extremely important that the personal data collected on you is controlled. According to the American Society of Newspaper Editors, a majority of you are concerned that business and government would violate your privacy. The same study showed that another 52% of you have “very little” or “no confidence at all” that business uses your private information properly.
Eighty-nine percent of you are concerned about privacy, and 54% want Congress to pass legislation to protect your personal data. The statistics go on, but this is decidedly the place to end this post.
Join with me to get that federal legislation passed that will give you control over your private information, and will also pay you when it is sold. Write or e-mail your congressional representatives, send letters to your newspaper’s editorial page, call local TV and talk radio, and tell them all you aren’t going to take it anymore. And, of course…be sure to tell them I sent you!
Tuesday, March 14, 2006
Protection Against the Protection
When you Google “ID theft prevention,” you get 6.9 million sites, some of which are selling you protection, others offer it free. You know they are going to come out of the woodwork when there is a buck to be made. I am not saying you shouldn’t buy this service, because some of us are too lazy, or just do not have the time, to watch over our identity. It does require some effort, and if you want to take charge of this most valuable asset, go to Privacy Rights Clearinghouse for some of the best information available on the subject. It’s free.
If you’re thinking of purchasing protection, there is a good article on Marketwatch.com, “No sure-fire cure/Many products fight ID theft, but none fully prevent it,” by Andrea Coombes. The key here is, none of these services, nor any of the free advice, good as it might be, is 100% guaranteed. Neither is the plethora of identity theft bills currently proposed in Congress. It is all designed to help guard against the possibility of ID theft, or to clean up the situation once it has occurred. Not good enough, in my book.
This is my mandate for solving the identity crisis once and for all. Pass federal legislation to give the individual control over their name and personal data, and, while we’re at it, pay them when it is sold. If you visit this Blog with any regularity, you’ve heard this many times, and if you continue to come back, you’ll keep hearing it. That is…until we get the federal legislation passed.
You might want to check the article, “The ID theft protection racket,” on CNNMoney.com, by Pat Regnier. Sub-headline: “It could get you killed.” It chronicles a stolen identity where the perp ends up in the hospital with the victim’s name, and this data ends up at the Medical Information Bureau (MIB), the vast storehouse of your past health issues. The scenario goes on to show how, if you then went to the hospital, and the perp’s MIB info shows you have heart trouble, they could kill you. Very possible, since I once ended up in the MIB as deceased, and was denied life insurance.
Regnier mentions some elite of the financial community, “…hawking services designed to protect you from the threat.” They include American Express, Chase, Citi, Discover and MBNA, and this household has received offers from all of them. Then Regnier gets right to the point: “Privacy advocates complain that ID protection is often sold by the very companies that have contributed to the problem.”
And, of course, there’s ID theft insurance, covered in another CNN Money.com piece by Regnier, titled, “ID insurance? Who needs this stuff?” Although it doesn’t reimburse you for the stolen money, you can get up to $2,000 for attorney fees and lost wages. Other options are to check if your homeowner’s insurance covers this, and, of course, you should get your free annual credit report.
Some of these paid services are just not worth it. However, if you are one of the lazy ones, or simply too busy to deal with this and have the money to let someone else do it, just be careful with whom you sign up. Read the fine print and make sure it is the plan that fits your needs. And, don’t buy something you do not need. Remember the old reliable axiom, if it looks too good to be true, it probably is. It applies here…more than ever.
If you’re thinking of purchasing protection, there is a good article on Marketwatch.com, “No sure-fire cure/Many products fight ID theft, but none fully prevent it,” by Andrea Coombes. The key here is, none of these services, nor any of the free advice, good as it might be, is 100% guaranteed. Neither is the plethora of identity theft bills currently proposed in Congress. It is all designed to help guard against the possibility of ID theft, or to clean up the situation once it has occurred. Not good enough, in my book.
This is my mandate for solving the identity crisis once and for all. Pass federal legislation to give the individual control over their name and personal data, and, while we’re at it, pay them when it is sold. If you visit this Blog with any regularity, you’ve heard this many times, and if you continue to come back, you’ll keep hearing it. That is…until we get the federal legislation passed.
You might want to check the article, “The ID theft protection racket,” on CNNMoney.com, by Pat Regnier. Sub-headline: “It could get you killed.” It chronicles a stolen identity where the perp ends up in the hospital with the victim’s name, and this data ends up at the Medical Information Bureau (MIB), the vast storehouse of your past health issues. The scenario goes on to show how, if you then went to the hospital, and the perp’s MIB info shows you have heart trouble, they could kill you. Very possible, since I once ended up in the MIB as deceased, and was denied life insurance.
Regnier mentions some elite of the financial community, “…hawking services designed to protect you from the threat.” They include American Express, Chase, Citi, Discover and MBNA, and this household has received offers from all of them. Then Regnier gets right to the point: “Privacy advocates complain that ID protection is often sold by the very companies that have contributed to the problem.”
And, of course, there’s ID theft insurance, covered in another CNN Money.com piece by Regnier, titled, “ID insurance? Who needs this stuff?” Although it doesn’t reimburse you for the stolen money, you can get up to $2,000 for attorney fees and lost wages. Other options are to check if your homeowner’s insurance covers this, and, of course, you should get your free annual credit report.
Some of these paid services are just not worth it. However, if you are one of the lazy ones, or simply too busy to deal with this and have the money to let someone else do it, just be careful with whom you sign up. Read the fine print and make sure it is the plan that fits your needs. And, don’t buy something you do not need. Remember the old reliable axiom, if it looks too good to be true, it probably is. It applies here…more than ever.
Thursday, March 09, 2006
Why the Democratic Party is NOT the Party of Privacy
It goes without saying that a GOP Congress is never going to stoop to the level of championing the protection of consumer privacy. If anything, “W” wants to take away as much as he can, and his Congressional brigade is certainly making it easy. It’s been a year since the major data breaches of 2005, and have you seen any meaningful privacy legislation come from Washington? So, where do we turn, to the Democrats? Another not. Here’s why.
Reporting on the 2000 Democratic National Convention, ZDNET.com had an article by Lisa Bowman: “Are Democrats the Privacy Party?” If you read this article posted in August of 2000, and if you are a Democrat, you’d think there’s hope for the protection of your privacy, and it was your party that was going to do it. Caroline Kennedy said they would. Rep. Louise Slaughter, D-N.Y supported this move, as well as Rep. Jay Inslee, D-Wash. So, what happened?
Nothing, but a lot of rhetoric, with no substance, at least from the federal lawmakers. To cap this off, I just received a mailing from Democratic National Headquarters entitled, “2006 New Directions Survey,” with a questionnaire and request for donation. It’s from Rep. Nancy Pelosi, D-CA, who is the House Democratic Leader.
The survey talks about the mission of the Democrats, its leadership, and goes on to cover six issues: the economy, Social Security, foreign policy, education, the environment, and health care. It was received March 2, 2006…once again, a year from the first data breach, and not one word about privacy, much less how you can prevent your name and personal data from being ravaged by ID thieves.
It took State Senator Liz Figueroa of California to pass bankable legislation in January 2005—even before the data breaches—that would eventually expose the incompetence of data brokers like ChoicePoint and LexisNexis. Her “Shine the Light” law has been the foundation on which Congressional leaders, in their bumbling way, have tried to mold federal legislation to curb the identity crisis.
Aside from really getting nothing done, the Washington politicos are steering bills in a direction that will actually dilute state laws like Figueroa’s. And, she’s a Democrat. Congress seems bent on protecting business, over the interests of the consumers who are their constituents. That’s you, by the way.
In January, Computerworld, in an article, “Three more states add laws on data breaches,” by Jaikumar Vijayan, talks about adding three states to the twenty that already have data breach laws. More states are sure to follow. Despite the fact that fifty-one different laws would pose an insurmountable task for business, and the fact that this Congress is likely to pass anemic legislation that would supersede all 51, this is still not getting to the heart of the real problem.
Back to the soapbox. We need to pass federal legislation that will give every individual control over their name and personal data, which would include paying them anytime this private information is sold. Period. If I haven’t convinced you of the need for this legislation by now, I need to know where I failed, and why you don’t agree.
Reporting on the 2000 Democratic National Convention, ZDNET.com had an article by Lisa Bowman: “Are Democrats the Privacy Party?” If you read this article posted in August of 2000, and if you are a Democrat, you’d think there’s hope for the protection of your privacy, and it was your party that was going to do it. Caroline Kennedy said they would. Rep. Louise Slaughter, D-N.Y supported this move, as well as Rep. Jay Inslee, D-Wash. So, what happened?
Nothing, but a lot of rhetoric, with no substance, at least from the federal lawmakers. To cap this off, I just received a mailing from Democratic National Headquarters entitled, “2006 New Directions Survey,” with a questionnaire and request for donation. It’s from Rep. Nancy Pelosi, D-CA, who is the House Democratic Leader.
The survey talks about the mission of the Democrats, its leadership, and goes on to cover six issues: the economy, Social Security, foreign policy, education, the environment, and health care. It was received March 2, 2006…once again, a year from the first data breach, and not one word about privacy, much less how you can prevent your name and personal data from being ravaged by ID thieves.
It took State Senator Liz Figueroa of California to pass bankable legislation in January 2005—even before the data breaches—that would eventually expose the incompetence of data brokers like ChoicePoint and LexisNexis. Her “Shine the Light” law has been the foundation on which Congressional leaders, in their bumbling way, have tried to mold federal legislation to curb the identity crisis.
Aside from really getting nothing done, the Washington politicos are steering bills in a direction that will actually dilute state laws like Figueroa’s. And, she’s a Democrat. Congress seems bent on protecting business, over the interests of the consumers who are their constituents. That’s you, by the way.
In January, Computerworld, in an article, “Three more states add laws on data breaches,” by Jaikumar Vijayan, talks about adding three states to the twenty that already have data breach laws. More states are sure to follow. Despite the fact that fifty-one different laws would pose an insurmountable task for business, and the fact that this Congress is likely to pass anemic legislation that would supersede all 51, this is still not getting to the heart of the real problem.
Back to the soapbox. We need to pass federal legislation that will give every individual control over their name and personal data, which would include paying them anytime this private information is sold. Period. If I haven’t convinced you of the need for this legislation by now, I need to know where I failed, and why you don’t agree.
Tuesday, March 07, 2006
More Ammunition for the Independent Privacy Party
I started my day reading an MSNBC story, “Senate panel rejects ethics, lobbying watchdog,” by Jeffrey Birnbaum. The rejected proposal was a bipartisan effort to establish independent oversight and enforcement of congressional ethics. Are any of us surprised it was rejected? Senators Susan Collins, a Republican from Maine, and Joe Lieberman, Democrat from Connecticut, tried, but it just wasn’t to be. There are nine Republicans on the committee, seven Democrats, and the vote to reject was 11 to 5.
Republican Senator George Voinovich from Ohio, and chairman of the Senate’s Select Committee on Ethics, remarked that the ethics panel doesn’t need help, “…because it is already doing a thorough job of enforcing the chamber’s rules.” Apparently he hasn’t met or even heard of Tom Delay, Jack Abramoff, or “Duke” Cunningham.
A Senator Collins comment, although not in reply to Voinovich, was that hiring professionals to oversee lobbying reports and ethics complaints could improve Congress’ credibility because of the appearance of conflict-of-interest in self-policing. She proceeded to say: “The current system of reviewing lobbyists’ public reports is a joke.” And, folks, she's a Republican.
Another Senator, Democrat Barack Obama from Illinois, also feels an independent body to watch congressional ethics is the only answer. In the Boston Globe’s coverage of this issue, “Senate balks at ethics watchdog agency,” by Rick Klein, he also reports that several senators were concerned about the potential bureaucracy, cost, and duplication of tasks of the ethics committees. In my opinion, if anything at all is done to raise the ethics of Congress, there will be no duplication in what congressional leaders are, or have been, doing.
Senator Ted Stevens, Alaska Republican, is afraid of how his opponents would use information from an independent group, and fears that it could not operate at the same level of “secrecy” as House and Senate ethics committees. There’s that favorite Bush/Cheney word again. Joan Claybrook, president of Public Citizen, and the Grand Dame of consumerism, is convinced independence is required for ethics enforcement.
On the other hand, the Senate Rules Committee voted 17-0 to alert the public when a senator has a drink bought by a lobbyist, a piddly bill by Trent Lott they hope will refocus the public’s attention. See “Senate Panel Backs New Ethics Disclosures” on CBS News.com. Actually, it means ‘fessin up to meals, booze, and trips they receive at the expense of the strong-arm clique. Maybe I’m missing something, but this sounds like padding legislation with an issue meant to keep the wolf away from the real door: the decidedly crooked members of Congress.
I could go on forever about why an independent party is needed to stem the tide from an unethical and non-responsive Congress. Remember from my last post, 61% of you feel your congressional representatives do not share your priorities. It goes without saying, everyone wants to feel safe in the privacy of their home and with their personal information. This is guaranteed by the 4th Amendment. So, we start there as the basic platform for a privacy party, and branch out to other planks.
Hey! Sounding better all the time, don’t you think?
Republican Senator George Voinovich from Ohio, and chairman of the Senate’s Select Committee on Ethics, remarked that the ethics panel doesn’t need help, “…because it is already doing a thorough job of enforcing the chamber’s rules.” Apparently he hasn’t met or even heard of Tom Delay, Jack Abramoff, or “Duke” Cunningham.
A Senator Collins comment, although not in reply to Voinovich, was that hiring professionals to oversee lobbying reports and ethics complaints could improve Congress’ credibility because of the appearance of conflict-of-interest in self-policing. She proceeded to say: “The current system of reviewing lobbyists’ public reports is a joke.” And, folks, she's a Republican.
Another Senator, Democrat Barack Obama from Illinois, also feels an independent body to watch congressional ethics is the only answer. In the Boston Globe’s coverage of this issue, “Senate balks at ethics watchdog agency,” by Rick Klein, he also reports that several senators were concerned about the potential bureaucracy, cost, and duplication of tasks of the ethics committees. In my opinion, if anything at all is done to raise the ethics of Congress, there will be no duplication in what congressional leaders are, or have been, doing.
Senator Ted Stevens, Alaska Republican, is afraid of how his opponents would use information from an independent group, and fears that it could not operate at the same level of “secrecy” as House and Senate ethics committees. There’s that favorite Bush/Cheney word again. Joan Claybrook, president of Public Citizen, and the Grand Dame of consumerism, is convinced independence is required for ethics enforcement.
On the other hand, the Senate Rules Committee voted 17-0 to alert the public when a senator has a drink bought by a lobbyist, a piddly bill by Trent Lott they hope will refocus the public’s attention. See “Senate Panel Backs New Ethics Disclosures” on CBS News.com. Actually, it means ‘fessin up to meals, booze, and trips they receive at the expense of the strong-arm clique. Maybe I’m missing something, but this sounds like padding legislation with an issue meant to keep the wolf away from the real door: the decidedly crooked members of Congress.
I could go on forever about why an independent party is needed to stem the tide from an unethical and non-responsive Congress. Remember from my last post, 61% of you feel your congressional representatives do not share your priorities. It goes without saying, everyone wants to feel safe in the privacy of their home and with their personal information. This is guaranteed by the 4th Amendment. So, we start there as the basic platform for a privacy party, and branch out to other planks.
Hey! Sounding better all the time, don’t you think?
Thursday, March 02, 2006
My Case for an Independent Political Party Based on Privacy
Mark Twain said: “Reader, suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself.” This was spoken sometime in the late 1800’s by the writer, and quoted in December of 2004 in “Why you can’t trust Congress,” by Paul Greenberg. Greenberg, writing in Townhall.com, was remarking on the attempt of Oklahoma Republican Representative Ernest Istook to slip into the giant omnibus spending bill of 2004, a provision allowing lawmakers, and whomever they designate, to access the tax returns of any American they choose.
Under pressure, the provision was removed, after being discovered by the staff of Democratic Senator Kent Conrad of North Dakota. CNN.com posted the story, “GOP lawmaker: Tax-return measure aimed at IRS oversight,” in November of 2004. Old news? Yes, but one of the glaring examples of what lengths at least the Republican side of this Congress will go to in order to usurp your identity and place your name and personal data in jeopardy. Starting with your Social Security number, your tax returns provide all the ingredients for ID thieves to steal you blind.
Here are the results of a CBS News poll in the latter part of 2005. On Congress’ job approval, 52% disapprove with only 33% approving. Some reasons given for the dissent are: partisan bickering, 20%; bad priorities, 14%; and this is my favorite, 9% feel congressional leaders just don’t care about them. When asked what Congress had done lately, 78% said they didn’t know. Sixty-one percent expressed that Congress does not share their priorities. Yet, as an approval of political party, the Democrats are barely ahead at 44% to 43%.
In an Associated Press, article, “Collins: Public trust in Congress perilously low,” by Jim Abrams, some members of Congress are calling for an evaluation of their own behavior, as well as the lobbyists. It’s the old adage of supply and demand. The lobbyists wouldn’t be performing the crooked antics they are if it wasn’t for the needs of some likewise politicians. On the other hand, Senator Susan Collins, Republican from Maine and chair of the Homeland Security and Government Affairs committee, sounds genuinely concerned over the public trust, or lack, thereof. Senator Joe Lieberman, the committee’s top Democrat, wants to clear the air, referring to the Abramoff lobbying scandal.
All well and good, but where is the real action? My gut feeling is that this Congress will let the identity crisis issue slide until the heat is off—as we have learned to expect from the past—and eventually go back to business as usual. Too bad there is no statesperson in the current crop of politicos in Washington like Shirley Chisholm, Everett Dirksen, Adlai Stevenson, or Barry Goldwater. Say what you want about former Mayor Richard Daley of Chicago, but he took care of the people.
We must return to a focus on the human rights of individuals, and respect their privacy to do what they choose within the law. This would have to start with the White House and filter down through Congress and State governments. What is needed is a new independent political party with its major platform issue: individual privacy.
My grass-roots effort to pass federal legislation giving consumers control over their names and personal data, and paying them when it is sold, is only a small part of a movement that seems to be gaining momentum with the low congressional satisfaction levels stated above. The time is right and the electorate is ready to stand up for their rights.
It will never be done with ordinary politicians, and, unless there is a national leader lurking in the cloakrooms of Congress, unable to speak up due to peer pressure, we have to find that individual. As best I can determine, he or she isn’t on either side of the aisle today. As Paul Greenberg put it: “When Mark Twain compared congressmen to idiots, he was, of course, being unfair. To idiots.”
Under pressure, the provision was removed, after being discovered by the staff of Democratic Senator Kent Conrad of North Dakota. CNN.com posted the story, “GOP lawmaker: Tax-return measure aimed at IRS oversight,” in November of 2004. Old news? Yes, but one of the glaring examples of what lengths at least the Republican side of this Congress will go to in order to usurp your identity and place your name and personal data in jeopardy. Starting with your Social Security number, your tax returns provide all the ingredients for ID thieves to steal you blind.
Here are the results of a CBS News poll in the latter part of 2005. On Congress’ job approval, 52% disapprove with only 33% approving. Some reasons given for the dissent are: partisan bickering, 20%; bad priorities, 14%; and this is my favorite, 9% feel congressional leaders just don’t care about them. When asked what Congress had done lately, 78% said they didn’t know. Sixty-one percent expressed that Congress does not share their priorities. Yet, as an approval of political party, the Democrats are barely ahead at 44% to 43%.
In an Associated Press, article, “Collins: Public trust in Congress perilously low,” by Jim Abrams, some members of Congress are calling for an evaluation of their own behavior, as well as the lobbyists. It’s the old adage of supply and demand. The lobbyists wouldn’t be performing the crooked antics they are if it wasn’t for the needs of some likewise politicians. On the other hand, Senator Susan Collins, Republican from Maine and chair of the Homeland Security and Government Affairs committee, sounds genuinely concerned over the public trust, or lack, thereof. Senator Joe Lieberman, the committee’s top Democrat, wants to clear the air, referring to the Abramoff lobbying scandal.
All well and good, but where is the real action? My gut feeling is that this Congress will let the identity crisis issue slide until the heat is off—as we have learned to expect from the past—and eventually go back to business as usual. Too bad there is no statesperson in the current crop of politicos in Washington like Shirley Chisholm, Everett Dirksen, Adlai Stevenson, or Barry Goldwater. Say what you want about former Mayor Richard Daley of Chicago, but he took care of the people.
We must return to a focus on the human rights of individuals, and respect their privacy to do what they choose within the law. This would have to start with the White House and filter down through Congress and State governments. What is needed is a new independent political party with its major platform issue: individual privacy.
My grass-roots effort to pass federal legislation giving consumers control over their names and personal data, and paying them when it is sold, is only a small part of a movement that seems to be gaining momentum with the low congressional satisfaction levels stated above. The time is right and the electorate is ready to stand up for their rights.
It will never be done with ordinary politicians, and, unless there is a national leader lurking in the cloakrooms of Congress, unable to speak up due to peer pressure, we have to find that individual. As best I can determine, he or she isn’t on either side of the aisle today. As Paul Greenberg put it: “When Mark Twain compared congressmen to idiots, he was, of course, being unfair. To idiots.”
Sunday, February 26, 2006
Damn the Complacency...Full Speed Ahead
I cannot tell you exactly what the readership of this Blog is but I can tell you it has grown dramatically over the past few months. Hopefully, some credit goes to content and the fact we are trying to deal with an issue of importance to all of you: Your privacy. Particularly when it comes to your name and personal data.
My grass-roots movement believes you should have control over this private information and be paid each time it is sold. The goal is to pass federal legislation that will give individuals this control, but we are dealing with an unusually high level of complacency in the country today due to a number of reasons which include busy schedules and other priorities. I understand, but that does not alleviate the problem.
George Orwell did predict today’s identity crisis in his classic novel, 1984. Go to Jackie Jura’s site, “Orwell Today,” for some fascinating reading about Big Brother’s Surveillance activities. Anything the main character, Winston, did was being observed by the Party. It doesn’t take a rocket scientist to see the stark similarity between this and Bush’s use of spying techniques at the National Security Administration (NSA).
If you look up the word complacency in the dictionary, it is defined as a “quiet satisfaction; contentment; often self-satisfaction, or smugness.” I like the last one, smugness, because many of us are smug in our feeling that there’s no way we could “really” lose our privacy rights in this great country. And then came the Patriot Act, followed by the massive personal data breaches of 2005, and most recently, the NSA spying.
I received a comment recently that expresses Orwell’s hopelessness in 1984. The responder said: “Jack it will not get any better.” This was a reflection on the greed of the merchants of your name and personal data, and how money is the only object. There was another bit of pessimism I share, the fact your data will never be secure. Your protection and privacy will always play second fiddle to the bottom line. Unless…we all join together to take control over this private information.
Maybe it is time for an independent political party based on individual privacy, with a platform of all citizens taking control over their names and personal data, and at the same time getting a piece of the action. Something to rev up the masses and get some action on this issue! We could combine the stand on privacy with other topics of concern like animal rights, environmentalism and political reform, to name a few.
I would really like to hear your comments on this idea, since the general attitude toward politics today is that we need drastic changes from the top down. Based on the unsatisfactory track record of the Republican and Democratic Congressional leaders, and, certainly, the incompetence of the current administration, people are ready for change. So, please send your comments re. whether you are open to an independent party concept that would include the protection of your privacy.
You might be interested in the fact that fifty years ago, when party identification was a badge of honor, only 23 percent of the population was registered as independent. Today it is 40 percent, which reflects the enormous dissatisfaction level Americans have with the two major parties. We need to develop a new kind of politics, constitutionally rooted, and with a return to the values promised all of us by the 4th Amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…”
However, we can’t do it with a complacency level that far outweighs the commandeering of our privacy on a daily basis by government and business. You be the judge and let me know.
My grass-roots movement believes you should have control over this private information and be paid each time it is sold. The goal is to pass federal legislation that will give individuals this control, but we are dealing with an unusually high level of complacency in the country today due to a number of reasons which include busy schedules and other priorities. I understand, but that does not alleviate the problem.
George Orwell did predict today’s identity crisis in his classic novel, 1984. Go to Jackie Jura’s site, “Orwell Today,” for some fascinating reading about Big Brother’s Surveillance activities. Anything the main character, Winston, did was being observed by the Party. It doesn’t take a rocket scientist to see the stark similarity between this and Bush’s use of spying techniques at the National Security Administration (NSA).
If you look up the word complacency in the dictionary, it is defined as a “quiet satisfaction; contentment; often self-satisfaction, or smugness.” I like the last one, smugness, because many of us are smug in our feeling that there’s no way we could “really” lose our privacy rights in this great country. And then came the Patriot Act, followed by the massive personal data breaches of 2005, and most recently, the NSA spying.
I received a comment recently that expresses Orwell’s hopelessness in 1984. The responder said: “Jack it will not get any better.” This was a reflection on the greed of the merchants of your name and personal data, and how money is the only object. There was another bit of pessimism I share, the fact your data will never be secure. Your protection and privacy will always play second fiddle to the bottom line. Unless…we all join together to take control over this private information.
Maybe it is time for an independent political party based on individual privacy, with a platform of all citizens taking control over their names and personal data, and at the same time getting a piece of the action. Something to rev up the masses and get some action on this issue! We could combine the stand on privacy with other topics of concern like animal rights, environmentalism and political reform, to name a few.
I would really like to hear your comments on this idea, since the general attitude toward politics today is that we need drastic changes from the top down. Based on the unsatisfactory track record of the Republican and Democratic Congressional leaders, and, certainly, the incompetence of the current administration, people are ready for change. So, please send your comments re. whether you are open to an independent party concept that would include the protection of your privacy.
You might be interested in the fact that fifty years ago, when party identification was a badge of honor, only 23 percent of the population was registered as independent. Today it is 40 percent, which reflects the enormous dissatisfaction level Americans have with the two major parties. We need to develop a new kind of politics, constitutionally rooted, and with a return to the values promised all of us by the 4th Amendment: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…”
However, we can’t do it with a complacency level that far outweighs the commandeering of our privacy on a daily basis by government and business. You be the judge and let me know.
Sunday, February 19, 2006
And the Breach Goes On...53 Million and Counting
As if to the sound of trumpets and a rapid drum roll, the data breaches march on. Fifteen since the first of the year, according to the Privacy Rights Clearinghouse, bringing it to a total of over 53 million consumer names, since the ChoicePoint incident in February of 2005. A record to be proud of, if you are an ID thief. If you aren’t…appalling.
Let’s start with Ameriprise Financial, a late December 2005 happening, reported in ’06. A stolen laptop with data including 158,000 names, account and Social Security numbers. The Atlantis Resort in the Bahamas had 55,000 customer ID’s stolen; credit card and bank account numbers were involved. People’sBank of Connecticut lost a tape with data on 90,000 customers that included names, addresses, SS#’s, and checking account numbers. The Boston Globe newspaper says it accidentally released sensitive data on up to 227,000 subscribers, composed of names and credit card numbers.
But here’s one for the books. Providence Home Services, a medical services provider in Oregon, was relieved of tapes and disks holding confidential data on 365,000 patients, and, you probably guessed that it was Social Security numbers, some financial records, but this time…also clinical information. And here’s the stupid trick of the century. The data was stolen from a Providence employee’s car, because the company is apparently too cheap to maintain a backup in a secure location, like most large firms do. Providence gave the data to designated employees to take home nightly, instead. Now I’ve heard it all.
It is for the combination of data brokers’ faulty security, dishonest employees and just dumb moves like the above, that I started my grass-roots movement to pass federal legislation giving consumers control over their names and personal data. It is the only way to stop this madness.
All of these 2006 breaches occurred around the time the Federal Trade Commission (FTC) was levying a fine of $15 million against ChoicePoint, because its record-handling procedures violated consumers’ privacy rights and federal laws. ChoicePoint had three breaches in 2005, losing a total of 171,903 personal records. Throwing more fuel on the fire, the SEC is looking at stock trades made by Derek Smith, CP’s CEO, and Doug Curling, COO, due to a combined $16.6 million in profit they made after the first breach, but before making this public.
In the Golden State Blog, Michael Hiltzik reports on ChoicePoint’s move to get California’s 30 million vehicle registration records for their client, the U.S. Department of Homeland Security. This, after the state of Pennsylvania terminated this arrangement with CP in 2000, fining the company $1.4 million for selling some records to unauthorized purchasers. Hiltzik also talks about the awarding of an $845,500 contract to CP by California Attorney General Bill Lockyer at the same time he was investigating the company.
Your “friendly” Internal Revenue Service has apparently determined that ChoicePoint is OK, inaccurate data and all. The Government Computer News, in an article by Doug Beizer, notes that the IRS has awarded CP a contract to call up information such as your current and former address, property ownership records, bankruptcy, and liens or judgments against you. Based on my experience in junk mail, I know something about the transfer of data, based on the client’s needs. The IRS will have to supply CP with something to validate that they are receiving data on the correct individuals, and that would include a minimum of name and address and probably a Social Security number.
Back in March of 2005, Democratic Senator John Conyers, Jr. from Michigan requested an investigation of ChoicePoint contracts. I have “Googled” this subject from every angle and can find no action, which isn’t surprising, with the GOP’s emphasis on business interests, not the consumer. But Senator Conyers was on the right path. From the Electronic Privacy Information Center (EPIC), Pam Dixon of the World Privacy Forum states that ChoicePoint’s information reports have a very high error rate. Try 90 percent, and some of them are serious.
One breach victim, Elizabeth Rosen, caught errors on five of her six-page report. Richard Smith, a privacy expert, said his report contained more inaccurate than accurate data. Deborah Pierce was falsely listed with a “possible Texas criminal history.” So, are we agreed that our personal data is constantly in harm’s way and that ChoicePoint is only one of several data brokers that have it warehoused?
If your answer is yes, here’s another reason why you made the right choice. John Ashcroft, Bush’s former Attorney General who was barely confirmed by Congress for the job, is lobbying for ChoicePoint. Apparently Ashcroft’s incompetence makes no difference, since his alma mater, the Justice Department, awarded a multibillion-dollar contract to Oracle Corp. only a month after they hired Ashcroft. Most say the ex-AG is trivializing the office since he is the first in thirty years to take advantage of his former position. I say it’s purely greed, and ChoicePoint will also reap similar benefits to those of Oracle.
George Orwell’s 1984 did predict the present-day identity crisis. The current consumer mood that we can allow the use of our personal data by business and government in return for favors, but still maintain even a minimum of our privacy, is “doublethink” at its best. I am not asking for the moon. If I should not be in control of my name and personal data, who should? In the United Kingdom, it is the government. In the U.S. it is big business, and that should scare all of us right out of our complacency.
Let’s start with Ameriprise Financial, a late December 2005 happening, reported in ’06. A stolen laptop with data including 158,000 names, account and Social Security numbers. The Atlantis Resort in the Bahamas had 55,000 customer ID’s stolen; credit card and bank account numbers were involved. People’sBank of Connecticut lost a tape with data on 90,000 customers that included names, addresses, SS#’s, and checking account numbers. The Boston Globe newspaper says it accidentally released sensitive data on up to 227,000 subscribers, composed of names and credit card numbers.
But here’s one for the books. Providence Home Services, a medical services provider in Oregon, was relieved of tapes and disks holding confidential data on 365,000 patients, and, you probably guessed that it was Social Security numbers, some financial records, but this time…also clinical information. And here’s the stupid trick of the century. The data was stolen from a Providence employee’s car, because the company is apparently too cheap to maintain a backup in a secure location, like most large firms do. Providence gave the data to designated employees to take home nightly, instead. Now I’ve heard it all.
It is for the combination of data brokers’ faulty security, dishonest employees and just dumb moves like the above, that I started my grass-roots movement to pass federal legislation giving consumers control over their names and personal data. It is the only way to stop this madness.
All of these 2006 breaches occurred around the time the Federal Trade Commission (FTC) was levying a fine of $15 million against ChoicePoint, because its record-handling procedures violated consumers’ privacy rights and federal laws. ChoicePoint had three breaches in 2005, losing a total of 171,903 personal records. Throwing more fuel on the fire, the SEC is looking at stock trades made by Derek Smith, CP’s CEO, and Doug Curling, COO, due to a combined $16.6 million in profit they made after the first breach, but before making this public.
In the Golden State Blog, Michael Hiltzik reports on ChoicePoint’s move to get California’s 30 million vehicle registration records for their client, the U.S. Department of Homeland Security. This, after the state of Pennsylvania terminated this arrangement with CP in 2000, fining the company $1.4 million for selling some records to unauthorized purchasers. Hiltzik also talks about the awarding of an $845,500 contract to CP by California Attorney General Bill Lockyer at the same time he was investigating the company.
Your “friendly” Internal Revenue Service has apparently determined that ChoicePoint is OK, inaccurate data and all. The Government Computer News, in an article by Doug Beizer, notes that the IRS has awarded CP a contract to call up information such as your current and former address, property ownership records, bankruptcy, and liens or judgments against you. Based on my experience in junk mail, I know something about the transfer of data, based on the client’s needs. The IRS will have to supply CP with something to validate that they are receiving data on the correct individuals, and that would include a minimum of name and address and probably a Social Security number.
Back in March of 2005, Democratic Senator John Conyers, Jr. from Michigan requested an investigation of ChoicePoint contracts. I have “Googled” this subject from every angle and can find no action, which isn’t surprising, with the GOP’s emphasis on business interests, not the consumer. But Senator Conyers was on the right path. From the Electronic Privacy Information Center (EPIC), Pam Dixon of the World Privacy Forum states that ChoicePoint’s information reports have a very high error rate. Try 90 percent, and some of them are serious.
One breach victim, Elizabeth Rosen, caught errors on five of her six-page report. Richard Smith, a privacy expert, said his report contained more inaccurate than accurate data. Deborah Pierce was falsely listed with a “possible Texas criminal history.” So, are we agreed that our personal data is constantly in harm’s way and that ChoicePoint is only one of several data brokers that have it warehoused?
If your answer is yes, here’s another reason why you made the right choice. John Ashcroft, Bush’s former Attorney General who was barely confirmed by Congress for the job, is lobbying for ChoicePoint. Apparently Ashcroft’s incompetence makes no difference, since his alma mater, the Justice Department, awarded a multibillion-dollar contract to Oracle Corp. only a month after they hired Ashcroft. Most say the ex-AG is trivializing the office since he is the first in thirty years to take advantage of his former position. I say it’s purely greed, and ChoicePoint will also reap similar benefits to those of Oracle.
George Orwell’s 1984 did predict the present-day identity crisis. The current consumer mood that we can allow the use of our personal data by business and government in return for favors, but still maintain even a minimum of our privacy, is “doublethink” at its best. I am not asking for the moon. If I should not be in control of my name and personal data, who should? In the United Kingdom, it is the government. In the U.S. it is big business, and that should scare all of us right out of our complacency.
Friday, February 10, 2006
Alberto Gonzales, the "People's" Attorney General, Just Confirmed Bush's Ascension to BIG BROTHER
Attorney General Gonzales “testified” before the Senate Judiciary Committee this past Monday, “…refusing to answer even the simplest questions about the government’s illegal spying on Americans,” reports the American Civil Liberties Union. Still maintaining, lamely, as Bush has done repeatedly over the last few months, that the president already had the power to spy.
Responding to questions re. why the administration did not seek approval from the Foreign Intelligence Surveillance Act (FISA), “The short answer is: We didn’t think we had to, quite simply,” Gonzales said.
If you want an excellent guide to this fiasco, go to Tom Curry’s February article, “What is the NSA spying furor all about?” on MSNBC. There are 18 questions with answers that probe the very depths of this issue.
In a Slate February article, “Tapped Out,” by Patrick Keefe, he comments on the Justice Department’s refusal to furnish the Senate Judiciary Committee documents re. the legality of Bush’s warrantless eavesdropping. He goes on to compare the confrontation with the 1975 Church committee investigating the same issue code-named Shamrock, where the NSA enlisted the cooperation of then telecommunications giants RCA Global, ITT World Communications and Western Union.
When Church asked the telecom CEO’s to come to the committee and discuss Shamrock, they refused. The committee countered with subpoenas and they complied. Keefe makes the statement that Senator Arlen Specter, chairman of the investigating committee, should “invite” the CEO’s of AT&T and Verizon—why not all of them?—but thinks that probably won’t happen. Right now big business is very cozy with this administration’s position of cutting everyone out of the information loop but Bush loyalists.
Well, I think that Senator Specter had better consider talking to these companies, because they are the ones that control the mysterious “switches” that move telephone and e-mail traffic in and out of the U.S. Specter has even indicated his skepticism over Bush’s contention that he had the legal right to spy in another MSNBC article from the Associated Press in February, “GOP senator calls spying reasons ‘unrealistic”.
Exactly how much of our personal data is being filtered through these switches, and just how secure are they? Are there federal regulations that set minimum standards for protection? Are we sitting on another ChoicePoint/LexisNexis powder keg? Probably, and here’s why.
There are 113 mailing lists on the market under the general term “telecommunications.” They cover a broad range of lifestyles, some with your private information available, so I narrowed it to a few. They are all based on your land line telephone/cell phone number or your Internet address (ISP), and include all the major providers from AOL to Verizon. The personal data they collect varies from list to list, so reference to this will be general.
Among the lists I selected, they sell your age, ethnicity, phone number, income, occupation, education, how many long distance calls you made in and out of the U.S., medication taken and for what ailments, what you read and whether you gamble, where you travel, and more. This is, of course, only the data they sell, and does not include other private information you might have given up to get your telephones or Internet address. The point is, it’s all out there, winging through these secret switches, and grist for the ID thievery mill.
Common sense tells us that we have to make adjustments for immediate access to certain data by the government in national security cases involving individual privacy. My plan to pass federal legislation giving consumers control over their names and personal data makes this provision, but only with approval from the Foreign Intelligence Surveillance Act (FISA), which Bush conveniently skirted.
A little Congressional oversight might also be appropriate, along with individual notification. In other words, if everybody is checking everybody else, we just might be able to keep everybody honest.
Responding to questions re. why the administration did not seek approval from the Foreign Intelligence Surveillance Act (FISA), “The short answer is: We didn’t think we had to, quite simply,” Gonzales said.
If you want an excellent guide to this fiasco, go to Tom Curry’s February article, “What is the NSA spying furor all about?” on MSNBC. There are 18 questions with answers that probe the very depths of this issue.
In a Slate February article, “Tapped Out,” by Patrick Keefe, he comments on the Justice Department’s refusal to furnish the Senate Judiciary Committee documents re. the legality of Bush’s warrantless eavesdropping. He goes on to compare the confrontation with the 1975 Church committee investigating the same issue code-named Shamrock, where the NSA enlisted the cooperation of then telecommunications giants RCA Global, ITT World Communications and Western Union.
When Church asked the telecom CEO’s to come to the committee and discuss Shamrock, they refused. The committee countered with subpoenas and they complied. Keefe makes the statement that Senator Arlen Specter, chairman of the investigating committee, should “invite” the CEO’s of AT&T and Verizon—why not all of them?—but thinks that probably won’t happen. Right now big business is very cozy with this administration’s position of cutting everyone out of the information loop but Bush loyalists.
Well, I think that Senator Specter had better consider talking to these companies, because they are the ones that control the mysterious “switches” that move telephone and e-mail traffic in and out of the U.S. Specter has even indicated his skepticism over Bush’s contention that he had the legal right to spy in another MSNBC article from the Associated Press in February, “GOP senator calls spying reasons ‘unrealistic”.
Exactly how much of our personal data is being filtered through these switches, and just how secure are they? Are there federal regulations that set minimum standards for protection? Are we sitting on another ChoicePoint/LexisNexis powder keg? Probably, and here’s why.
There are 113 mailing lists on the market under the general term “telecommunications.” They cover a broad range of lifestyles, some with your private information available, so I narrowed it to a few. They are all based on your land line telephone/cell phone number or your Internet address (ISP), and include all the major providers from AOL to Verizon. The personal data they collect varies from list to list, so reference to this will be general.
Among the lists I selected, they sell your age, ethnicity, phone number, income, occupation, education, how many long distance calls you made in and out of the U.S., medication taken and for what ailments, what you read and whether you gamble, where you travel, and more. This is, of course, only the data they sell, and does not include other private information you might have given up to get your telephones or Internet address. The point is, it’s all out there, winging through these secret switches, and grist for the ID thievery mill.
Common sense tells us that we have to make adjustments for immediate access to certain data by the government in national security cases involving individual privacy. My plan to pass federal legislation giving consumers control over their names and personal data makes this provision, but only with approval from the Foreign Intelligence Surveillance Act (FISA), which Bush conveniently skirted.
A little Congressional oversight might also be appropriate, along with individual notification. In other words, if everybody is checking everybody else, we just might be able to keep everybody honest.
Thursday, February 02, 2006
This Administration Could Use Some Artificial Intelligence IV
I can’t seem to get off this subject. You might remember that the title stems from earlier articles that reveal this administration’s recent spying foray that was carried out by the National Security Administration. I reported that in their data mining for terrorist activity, they must have used an approach called artificial intelligence. It’s a form of predictive modeling we used in the junk mail industry to determine the habits of your everyday life, a technology that is just short of the human brain in its ability to reason.
I was ready to fight other dragons, until I heard Bush’s State of the Union message. It convinced me that he, thus the NSA, does not plan to back off from the steam-rolling collision course with the average citizen’s privacy. I repeat…average citizen.
Several polls have been taken re. whether the spying is right or wrong. Some count a majority for, some against. But it isn’t the international telephone call or e-mail to a terrorist that most citizens object to. It’s when innocent people get bundled into the NSA’s data mining operation that makes it wrong…and illegal. James Risen of the New York Times reported over 700 thousand people spied on over four years. Russell Tice, former NSA employee, says the eavesdropping could include millions of Americans.
Dan Eggan of The Washington Post wrote in a January 27 article, “Eavesdropping bill was abandoned in 2003,” that the Justice department was drafting legislation in 2003 to strengthen the USA Patriot Act, that would have provided legal justification for the current NSA spying. Bush, of course, had already issued the order to eavesdrop, but officials deny any connection. Sure. Why pass a law allowing you to do it if you’re already doing it?
To further confirm the wide sweep of spying activity, I refer to Risen’s December article in the New York Times that states: “…NSA technicians…have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects.” What this means is that the NSA data mining (artificial intelligence) gathers data on thousands, even millions of individuals, and puts this through the computer model.
But, in the modeling procedure, it is necessary to identify those individuals in which you are not interested, in order to find the ones you are targeting: the terrorists. In layman’s language, this is simply a matter of making comparisons for elimination. Therefore, innocent citizens are bundled into this enormous effort, with their personal data laid bare, just like the bad guys.
Back in December, the National Security Agency was caught placing persistent cookies on the computers of individuals visiting their Web site. “Persistent” means they hang around for a while, in this case until 2035. NSA did cease the practice once it was made known, but retained the use of temporary cookies that close when exiting the site. In a December 2005 Associated Press article, “Spy Agency Removes Illegal Tracking Files,” privacy advocates point out that cookies can also track Web surfing.
In 2003, the White House Office of Management and Budget prohibited any federal agency from using “persistent” cookies on their Web sites. Which makes this illegal, too. So, why isn’t Attorney General Gonzales at least looking into the possibility that someone is running amok at NSA? Or, was this whole mission of intrigue carefully planned from the beginning and approved right from the top?
CNN reported on December 19 in a piece titled, “Democrats call for investigation of NSA wiretaps,” that two prominent U.S. Senators, one a Republican, Arlen Specter, from Pennsylvania, the other Russ Feingold, Democrat from Wisconsin, have called for an independent panel to investigate the legality of Bush’s spying tactics. They are joined by House Minority Leader Nancy Pelosi; Minority Whip Steny Hoyer; Democratic Rep. John Conyers, the ranking member on the House Judiciary Committee; and Democratic Rep. Henry Waxman, ranking member on the House Committee on Government Reform.
Seems I remember reading somewhere that Bush welcomes the investigation. Either he’s mellowing out or Karl Rove has another spin cycle up his sleeve.
I was ready to fight other dragons, until I heard Bush’s State of the Union message. It convinced me that he, thus the NSA, does not plan to back off from the steam-rolling collision course with the average citizen’s privacy. I repeat…average citizen.
Several polls have been taken re. whether the spying is right or wrong. Some count a majority for, some against. But it isn’t the international telephone call or e-mail to a terrorist that most citizens object to. It’s when innocent people get bundled into the NSA’s data mining operation that makes it wrong…and illegal. James Risen of the New York Times reported over 700 thousand people spied on over four years. Russell Tice, former NSA employee, says the eavesdropping could include millions of Americans.
Dan Eggan of The Washington Post wrote in a January 27 article, “Eavesdropping bill was abandoned in 2003,” that the Justice department was drafting legislation in 2003 to strengthen the USA Patriot Act, that would have provided legal justification for the current NSA spying. Bush, of course, had already issued the order to eavesdrop, but officials deny any connection. Sure. Why pass a law allowing you to do it if you’re already doing it?
To further confirm the wide sweep of spying activity, I refer to Risen’s December article in the New York Times that states: “…NSA technicians…have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects.” What this means is that the NSA data mining (artificial intelligence) gathers data on thousands, even millions of individuals, and puts this through the computer model.
But, in the modeling procedure, it is necessary to identify those individuals in which you are not interested, in order to find the ones you are targeting: the terrorists. In layman’s language, this is simply a matter of making comparisons for elimination. Therefore, innocent citizens are bundled into this enormous effort, with their personal data laid bare, just like the bad guys.
Back in December, the National Security Agency was caught placing persistent cookies on the computers of individuals visiting their Web site. “Persistent” means they hang around for a while, in this case until 2035. NSA did cease the practice once it was made known, but retained the use of temporary cookies that close when exiting the site. In a December 2005 Associated Press article, “Spy Agency Removes Illegal Tracking Files,” privacy advocates point out that cookies can also track Web surfing.
In 2003, the White House Office of Management and Budget prohibited any federal agency from using “persistent” cookies on their Web sites. Which makes this illegal, too. So, why isn’t Attorney General Gonzales at least looking into the possibility that someone is running amok at NSA? Or, was this whole mission of intrigue carefully planned from the beginning and approved right from the top?
CNN reported on December 19 in a piece titled, “Democrats call for investigation of NSA wiretaps,” that two prominent U.S. Senators, one a Republican, Arlen Specter, from Pennsylvania, the other Russ Feingold, Democrat from Wisconsin, have called for an independent panel to investigate the legality of Bush’s spying tactics. They are joined by House Minority Leader Nancy Pelosi; Minority Whip Steny Hoyer; Democratic Rep. John Conyers, the ranking member on the House Judiciary Committee; and Democratic Rep. Henry Waxman, ranking member on the House Committee on Government Reform.
Seems I remember reading somewhere that Bush welcomes the investigation. Either he’s mellowing out or Karl Rove has another spin cycle up his sleeve.
Friday, January 27, 2006
This Administration Could Use Some Artificial Intelligence III
Even as we suffer the whims of an administration bent on prying into innocent citizens’ lives, Michael Isikoff of Newsweek magazine unpacks yet another spying machine, this time at the Pentagon. “The Other Big Brother” article in the January 30 issue, talks about how the Counterintelligence Field Activity (CIFA) tracked a harmless demonstration at Halliburton’s Houston headquarters. You remember Halliburton…Dick Cheney’s old stomping grounds and the company that was investigated for favoritism in Iraq contracts.
CIFA is complemented by one of former deputy Defense secretary Paul Wolfowitz’s brainchilds: an operation code-named TALON for Threat and Local Observation Notice. It was created in 2003 to collect raw information about suspicious incidents. There goes another database of personal data. Isikoff states that these “…activities are the latest in a series of disclosures about secret government programs that spy on Americans in the name of national security.”
In a recent Village Voice article, “No Place to Hide” by Nat Hentoff, the late, Senator Frank Church is quoted from a 1975 investigation of the NSA. Paraphrased, the Senator did not want the U.S. to cross the line on tyranny and that the NSA—or any agency possessing the technology to spy on individuals—should operate within the law, with supervision. He goes on to comment how this “abyss” is a point…”from which there is no return.” We may very well be on the edge.
The article quotes another recent piece by Ruth Marcus from the Washington Post that confirms that the National Security Administration, prior to Frank Church’s investigation, had been using a “watch list” of American citizens and organizations in connection with foreign communications for years. As Hentoff put it: “After Frank Church died, Congress dozed as the NSA flourished.” My take is that “dozing” has become a Congressional lifestyle when the issue makes it convenient, and the American consumer’s privacy rights have been neatly tucked away in the current labyrinth of meaningless legislation.
Apparently NSA’s technological capabilities are supported with ties to U.S. telecommunications companies that control the telecom “switches,” through which the majority of U.S. phone calls and e-mail traffic flow. Meta-tags—also used by search engines to define the subject of a query—are employed by NSA to determine the basic substance of a communication. Taken further, the agency uses sophisticated algorithms—artificial intelligence/neural networks—to analyze the phone calls and e-mails to find the bad guys.
So what’s the general consensus on the administration’s spying antics? One of the GOP’s own, Senator Arlen Specter, Republican from Pennsylvania, has skepticism over Bush’s domestic eavesdropping, and will hold hearings on the matter. The Democrats, of course, are all giddy, but it remains to be seen if they can turn this into a meaningful investigation. In a recent AP-Ipsos poll, 56 percent of the respondents said the government should have to get court warrants to eavesdrop, even when a communication is tied to terrorism.
Quoting again from the Village Voice article, Nat Hentoff says Thomas Jefferson has the answer: “The people…are the only sure reliance for the preservation of our liberty.” If we don’t start hearing from the “people” soon, it’s going to be too late, and George Orwell’s reluctant prophesy in 1984 will be fulfilled.
CIFA is complemented by one of former deputy Defense secretary Paul Wolfowitz’s brainchilds: an operation code-named TALON for Threat and Local Observation Notice. It was created in 2003 to collect raw information about suspicious incidents. There goes another database of personal data. Isikoff states that these “…activities are the latest in a series of disclosures about secret government programs that spy on Americans in the name of national security.”
In a recent Village Voice article, “No Place to Hide” by Nat Hentoff, the late, Senator Frank Church is quoted from a 1975 investigation of the NSA. Paraphrased, the Senator did not want the U.S. to cross the line on tyranny and that the NSA—or any agency possessing the technology to spy on individuals—should operate within the law, with supervision. He goes on to comment how this “abyss” is a point…”from which there is no return.” We may very well be on the edge.
The article quotes another recent piece by Ruth Marcus from the Washington Post that confirms that the National Security Administration, prior to Frank Church’s investigation, had been using a “watch list” of American citizens and organizations in connection with foreign communications for years. As Hentoff put it: “After Frank Church died, Congress dozed as the NSA flourished.” My take is that “dozing” has become a Congressional lifestyle when the issue makes it convenient, and the American consumer’s privacy rights have been neatly tucked away in the current labyrinth of meaningless legislation.
Apparently NSA’s technological capabilities are supported with ties to U.S. telecommunications companies that control the telecom “switches,” through which the majority of U.S. phone calls and e-mail traffic flow. Meta-tags—also used by search engines to define the subject of a query—are employed by NSA to determine the basic substance of a communication. Taken further, the agency uses sophisticated algorithms—artificial intelligence/neural networks—to analyze the phone calls and e-mails to find the bad guys.
So what’s the general consensus on the administration’s spying antics? One of the GOP’s own, Senator Arlen Specter, Republican from Pennsylvania, has skepticism over Bush’s domestic eavesdropping, and will hold hearings on the matter. The Democrats, of course, are all giddy, but it remains to be seen if they can turn this into a meaningful investigation. In a recent AP-Ipsos poll, 56 percent of the respondents said the government should have to get court warrants to eavesdrop, even when a communication is tied to terrorism.
Quoting again from the Village Voice article, Nat Hentoff says Thomas Jefferson has the answer: “The people…are the only sure reliance for the preservation of our liberty.” If we don’t start hearing from the “people” soon, it’s going to be too late, and George Orwell’s reluctant prophesy in 1984 will be fulfilled.
Friday, January 20, 2006
This Administration Could Use Some Artificial Intelligence II
You might remember from my last post that artificial intelligence is an advanced computer technology that parallels the human brain in its ability to reason. The National Security Agency uses—as do many other government agencies and data brokers—very sophisticated algorithms that can manipulate mountains of data and answer almost any question asked about your lifestyle, buying habits, whereabouts and more.
In my 35 years in the junk mail industry, this science grew from almost an abacus mentality to what is today the monster of artificial intelligence. It can be used for good, such as determining certain medical diagnoses, instead of using animals. But it can also be turned on the consumer as a spying technique, which I have experienced repeatedly from my junk mail background.
The terrorist threat is real and must be dealt with, but within the law. Section 215 of the USA Patriot Act, considered by some as bad law, does allow these incursions into our privacy by the FBI in seeking personal records. Judging from the recent flare-ups in Congress over 215, it may never become permanent, and, perhaps, rightfully so. On the other hand, NSA’s spying on innocent citizens is a move far worse than what is allowed under Section 215.
Let’s be honest. Since the FBI confirmed in October of 2001 that fifteen of the nineteen 9/11 hijackers were Saudis, all eyes have been on the Muslim community in the U.S. And, that is made much simpler by the junk mail list industry. There are 1,776 ethnic lists on the market, according to list authority Standard Rate & Data; 408 of them identified as Muslim, 398 Islamic, and 323 Arab. All have a home address, many with telephone number and e-mail address.
Now where would you go if you were the NSA and had captured a telephone call or e-mail containing the word, “jihad?” You’d go where the data is; a list that can match that telephone number or e-mail with a home address.
The big players are the giant data brokers like Acxiom, ChoicePoint and LexisNexis. Others who identify their customers as Arabs or Islamic are Harriet Carter catalog; Eddie Bauer; Smithsonian magazine; Entrepreneur magazine; Rodale, publishers of Prevention magazine; and Designer Checks. All completely legit, but just one more confirmation that your personal data, no matter what, is for sale.
The data brokers have developed a system for recognizing ethnic names from A to Z, and it is this process that junk mailers like Harriet Carter and Eddie Bauer use to identify and sell the ethnicity of their customers, even charging significantly for this right. They also know what products customers purchase and have the ability to enhance these names with a massive amount of demographic and personal data from the same data brokers. All of which is for sale, of course.
So how does this all impact on the NSA spying and FBI surveillance? I bought a book not too long after 9/11, Islam, A Short History, by Karen Armstrong, to try and understand what the people were thinking who did this. Because of Section 215 of the USA Patriot Act, which allows access to my purchase records, it is very likely that the NSA had my name on some list.
Further, there is a special friend I have made through blogging in Bangladesh, and he has some pretty strong opinions on U.S. global actions, some of which I agree with. We have shared numerous e-mails during 2005, some of which include his editorials critical of the U.S policy in Iraq. I have responded with some of my own criticisms. No doubt, those e-mails were intercepted.
I don’t recall any wiretaps or having been followed—if they did, they certainly got bored in a hurry—but I really can’t say for sure. If the Bush administration really wants to know what I stand for, all they have to do is call me. I’ll tell them it isn’t for some of the things they have been doing in the last four or five years.
In my 35 years in the junk mail industry, this science grew from almost an abacus mentality to what is today the monster of artificial intelligence. It can be used for good, such as determining certain medical diagnoses, instead of using animals. But it can also be turned on the consumer as a spying technique, which I have experienced repeatedly from my junk mail background.
The terrorist threat is real and must be dealt with, but within the law. Section 215 of the USA Patriot Act, considered by some as bad law, does allow these incursions into our privacy by the FBI in seeking personal records. Judging from the recent flare-ups in Congress over 215, it may never become permanent, and, perhaps, rightfully so. On the other hand, NSA’s spying on innocent citizens is a move far worse than what is allowed under Section 215.
Let’s be honest. Since the FBI confirmed in October of 2001 that fifteen of the nineteen 9/11 hijackers were Saudis, all eyes have been on the Muslim community in the U.S. And, that is made much simpler by the junk mail list industry. There are 1,776 ethnic lists on the market, according to list authority Standard Rate & Data; 408 of them identified as Muslim, 398 Islamic, and 323 Arab. All have a home address, many with telephone number and e-mail address.
Now where would you go if you were the NSA and had captured a telephone call or e-mail containing the word, “jihad?” You’d go where the data is; a list that can match that telephone number or e-mail with a home address.
The big players are the giant data brokers like Acxiom, ChoicePoint and LexisNexis. Others who identify their customers as Arabs or Islamic are Harriet Carter catalog; Eddie Bauer; Smithsonian magazine; Entrepreneur magazine; Rodale, publishers of Prevention magazine; and Designer Checks. All completely legit, but just one more confirmation that your personal data, no matter what, is for sale.
The data brokers have developed a system for recognizing ethnic names from A to Z, and it is this process that junk mailers like Harriet Carter and Eddie Bauer use to identify and sell the ethnicity of their customers, even charging significantly for this right. They also know what products customers purchase and have the ability to enhance these names with a massive amount of demographic and personal data from the same data brokers. All of which is for sale, of course.
So how does this all impact on the NSA spying and FBI surveillance? I bought a book not too long after 9/11, Islam, A Short History, by Karen Armstrong, to try and understand what the people were thinking who did this. Because of Section 215 of the USA Patriot Act, which allows access to my purchase records, it is very likely that the NSA had my name on some list.
Further, there is a special friend I have made through blogging in Bangladesh, and he has some pretty strong opinions on U.S. global actions, some of which I agree with. We have shared numerous e-mails during 2005, some of which include his editorials critical of the U.S policy in Iraq. I have responded with some of my own criticisms. No doubt, those e-mails were intercepted.
I don’t recall any wiretaps or having been followed—if they did, they certainly got bored in a hurry—but I really can’t say for sure. If the Bush administration really wants to know what I stand for, all they have to do is call me. I’ll tell them it isn’t for some of the things they have been doing in the last four or five years.
Friday, January 13, 2006
This Administration Could Use Some Artificial Intelligence
I’ve stayed out of the Bush spy scandal because it didn’t really relate to what this blog is all about: your right to control your name and personal data. That is, until I read the latest article in the January 9 issue of Newsweek: “Full Speed Ahead” by Evan Thomas and Daniel Klaidman.
Tucked away on page 26 of the magazine piece was a reference to a secret project the National Security Agency is working on that involves data mining. In lay persons’ terms that means looking at all the data available—your name and personal information—and finding a pattern to how you conduct your everyday life. Of course, the exclaimed purpose in doing this is to catch the “bad guys.” Apparently, even if it snares the “good guys.”
According to New York Times reporter, James Risen, NSA was spying on 500 people in the U.S. each day for up to four years. Folks, that’s 730,000 individuals, and, this is overkill in anyone’s language. You can read Risen’s interview with NBC’s Andrea Mitchell: “Reporter defends release of NSA spy program.”
And then on Nightline January 10, a twenty-year employee of the NSA, Russell Tice, says the eavesdropping could include millions of Americans, if the agency used the full range of their technology. He goes on to indicate that the surveillance would occur if you placed any overseas communication.
I can shed more light on the sophisticated data mining techniques employed by government and business—sometimes called artificial intelligence, or neural networks—because I did this for twenty years in the junk mail industry. Data brokers like ChoicePoint and LexisNexis are the veterans of data mining and much of what the National Security Agency uses was probably developed by business. So exactly what happens to your name and private information when someone wants to pry into your affairs?
The data may be assembled from several locations, including data brokers, but the data mining—sometimes referred to as predictive modeling—will be done in one location where all the work is conducted by one or more individuals. Once the modeler collects the names and personal data on the profile of individuals to be analyzed, it is fed into the data mining software. Although this is somewhat oversimplified, the technician then “hits the button” that unleashes a technology that is just short of the human brain in its ability to reason; thus, the term “artificial intelligence.”
The scenario goes something like this. Borrowing again from the Russell Tice, Nightline interview, if you mentioned the word “jihad” in any of your overseas telephone or e-mail conversations, your name and private information would be set aside for close scrutiny. Based on what the data brokers know about you—and that is voluminous—the NSA can track almost every movement of your day.
Start with what time you get up in the morning, because they know your occupation, where you work, where you live, and how long it takes you to get to work. They know if you exercise, how many kids you get ready for school, including their ages, and if you have a pet to feed. They have your make and model of car, the balance due, and where it is financed.
Your bank account records can be searched for large deposits, or your mortgage looked at for any unusual activity. Credit card charges reveal just about anything you have done, or any place you have traveled, eaten, or attended for entertainment. If you are a frequent traveler or take cruises, they know where you go and for how long you are gone. If you invest in a suspicious stock or contribute to a charity on NSA’s list, that will be noted.
There are records of your drinking, gambling and smoking habits, and what your political preferences are. It is known if you are a veteran, whether you own a gun or a camera, what music you like, what food you eat, and which magazines and books you read. Any ailments you have are documented, and as many as 150 medications you might be taking.
There’s more, and I will cover this in my next post. The focus will be on the ability of the junk mail list industry to target certain ethnic groups, and how this personal data can be accessed by the FBI, thanks to Section 215 of the USA Patriot Act. It is one of the provisions recently fought over passionately in Congress.
Tucked away on page 26 of the magazine piece was a reference to a secret project the National Security Agency is working on that involves data mining. In lay persons’ terms that means looking at all the data available—your name and personal information—and finding a pattern to how you conduct your everyday life. Of course, the exclaimed purpose in doing this is to catch the “bad guys.” Apparently, even if it snares the “good guys.”
According to New York Times reporter, James Risen, NSA was spying on 500 people in the U.S. each day for up to four years. Folks, that’s 730,000 individuals, and, this is overkill in anyone’s language. You can read Risen’s interview with NBC’s Andrea Mitchell: “Reporter defends release of NSA spy program.”
And then on Nightline January 10, a twenty-year employee of the NSA, Russell Tice, says the eavesdropping could include millions of Americans, if the agency used the full range of their technology. He goes on to indicate that the surveillance would occur if you placed any overseas communication.
I can shed more light on the sophisticated data mining techniques employed by government and business—sometimes called artificial intelligence, or neural networks—because I did this for twenty years in the junk mail industry. Data brokers like ChoicePoint and LexisNexis are the veterans of data mining and much of what the National Security Agency uses was probably developed by business. So exactly what happens to your name and private information when someone wants to pry into your affairs?
The data may be assembled from several locations, including data brokers, but the data mining—sometimes referred to as predictive modeling—will be done in one location where all the work is conducted by one or more individuals. Once the modeler collects the names and personal data on the profile of individuals to be analyzed, it is fed into the data mining software. Although this is somewhat oversimplified, the technician then “hits the button” that unleashes a technology that is just short of the human brain in its ability to reason; thus, the term “artificial intelligence.”
The scenario goes something like this. Borrowing again from the Russell Tice, Nightline interview, if you mentioned the word “jihad” in any of your overseas telephone or e-mail conversations, your name and private information would be set aside for close scrutiny. Based on what the data brokers know about you—and that is voluminous—the NSA can track almost every movement of your day.
Start with what time you get up in the morning, because they know your occupation, where you work, where you live, and how long it takes you to get to work. They know if you exercise, how many kids you get ready for school, including their ages, and if you have a pet to feed. They have your make and model of car, the balance due, and where it is financed.
Your bank account records can be searched for large deposits, or your mortgage looked at for any unusual activity. Credit card charges reveal just about anything you have done, or any place you have traveled, eaten, or attended for entertainment. If you are a frequent traveler or take cruises, they know where you go and for how long you are gone. If you invest in a suspicious stock or contribute to a charity on NSA’s list, that will be noted.
There are records of your drinking, gambling and smoking habits, and what your political preferences are. It is known if you are a veteran, whether you own a gun or a camera, what music you like, what food you eat, and which magazines and books you read. Any ailments you have are documented, and as many as 150 medications you might be taking.
There’s more, and I will cover this in my next post. The focus will be on the ability of the junk mail list industry to target certain ethnic groups, and how this personal data can be accessed by the FBI, thanks to Section 215 of the USA Patriot Act. It is one of the provisions recently fought over passionately in Congress.
Friday, January 06, 2006
The Annual Business "Cover Your A_ _" Barrage
Talking about junk mail. The “This is how we protect your privacy” CYA's are hitting the mailbox at an alarming rate; great for the U.S. Postal Service but pure confusion for the poor consumer. Have you ever tried to read one, much less understand it? I’m going to try by analyzing a notice just received from Chase Bank, who recently acquired Bank One.
The first question of the privacy notice is: “What information do you have about me?” Chase’s answer is they capture info from your requests, transactions and credit history. They specify your income, account balances and a credit bureau report. My interpretation is they have a lot of private information on you, anything that you revealed to Chase or they can find out about you, and the three items mentioned are just the tip of the iceberg.
Question two: “How do you safeguard information about me?” The answer is it is kept under physical, electronic or procedural controls that comply with or exceed government standards. Further, they authorize employees, agents and contractors to get information about you only when they need it to do their work. And, Chase requires companies working for them to protect your information, using it only to perform Chase requested services. My take on this is that industry security is at a minimum based on the Bank of America lost tapes, a wide range of people have access to your data, and companies like ChoicePoint agree to protect your information.
Question three: “Is information about me shared within your family of companies?” Their answer: “Yes.” Then, “We may share information about you within our family as required or permitted by law.” Interpreted…supposedly it helps them in their marketing efforts on other products, and supposedly you get the same security as in the answer to number two.
Question four: “Is information about me shared with service providers and financial companies outside your family of companies?” Chase answer: Another emphatic “Yes.” But only as permitted by “that law,” they add. Companies included are in the marketing field and outside financial organizations with which Chase has certain agreements. My explanation…”that law” quoted is the same one that permitted at least one-hundred data breaches in 2005, exposing 54 million private consumer records.
Question five: “Is information about me shared with non-financial companies outside your family of companies?” There’s that decided “Yes” again. And, under “that law” we just analyzed in number four. The companies included are retailers, auto dealers, auto makers, direct marketers, membership clubs and publishers. Quick diagnosis tells me that Chase can “share” your information with a large number of businesses outside their firm, but, only as permitted by “that law.”
Question six: “Is information about me shared in any other ways?” “Yes” number four. Once again, “that law” is resurrected as their mandate for this catch-all provision. They share your data to protect you against fraud, respond to subpoenas, service your account, report to credit bureaus and with your consent. My response is that sharing your data is the basic reason the fraud exists to begin with. And folks, never, I repeat, never, ever give your consent for any personal data release over which you do not have complete control.
Question seven: “What choices do I have about information sharing?” There are two. The first is a classic argument for giving consumers control over their names and private information. Paraphrased…you can tell Chase not to share information about you outside the company but they still will, as “required” or “permitted” by “that law.” In the second choice, you can restrict data such as income, credit history, loans or employment being shared with the family of companies. But, of course, they still will share things like your name and address, bank transactions and balances, as well as surveys to which you might respond “within the family.”
It’s that term, “within their family of companies,” that worries me most about all these privacy policy notices. Most large organizations in the business community have subsidiaries established to handle specific functions such as marketing. They can operate as independent entities with profit and loss responsibility to the parent. I worked with one such company in the junk mail industry, and I can tell you that the marketing people were privy to just about every piece of data at the corporate level. Not that it wasn’t used properly, but just that all that personal data was available.
My point is that this kind of relationship places your private information in yet a different location, in another computer, accessible to a new group of individuals, with security standards we know have been challenged repeatedly in the past. There is reason for my concern.
If you remember an earlier post on this subject, there was an article link, “Forecast: ID Theft by Insiders to Grow Dramatically in ’06,” by Gene Koprowski, a leading computer security analyst, on TechNewsWorld.com. He writes: “…there will be increased theft of secure data by insiders, employees.” I rest my case.
The first question of the privacy notice is: “What information do you have about me?” Chase’s answer is they capture info from your requests, transactions and credit history. They specify your income, account balances and a credit bureau report. My interpretation is they have a lot of private information on you, anything that you revealed to Chase or they can find out about you, and the three items mentioned are just the tip of the iceberg.
Question two: “How do you safeguard information about me?” The answer is it is kept under physical, electronic or procedural controls that comply with or exceed government standards. Further, they authorize employees, agents and contractors to get information about you only when they need it to do their work. And, Chase requires companies working for them to protect your information, using it only to perform Chase requested services. My take on this is that industry security is at a minimum based on the Bank of America lost tapes, a wide range of people have access to your data, and companies like ChoicePoint agree to protect your information.
Question three: “Is information about me shared within your family of companies?” Their answer: “Yes.” Then, “We may share information about you within our family as required or permitted by law.” Interpreted…supposedly it helps them in their marketing efforts on other products, and supposedly you get the same security as in the answer to number two.
Question four: “Is information about me shared with service providers and financial companies outside your family of companies?” Chase answer: Another emphatic “Yes.” But only as permitted by “that law,” they add. Companies included are in the marketing field and outside financial organizations with which Chase has certain agreements. My explanation…”that law” quoted is the same one that permitted at least one-hundred data breaches in 2005, exposing 54 million private consumer records.
Question five: “Is information about me shared with non-financial companies outside your family of companies?” There’s that decided “Yes” again. And, under “that law” we just analyzed in number four. The companies included are retailers, auto dealers, auto makers, direct marketers, membership clubs and publishers. Quick diagnosis tells me that Chase can “share” your information with a large number of businesses outside their firm, but, only as permitted by “that law.”
Question six: “Is information about me shared in any other ways?” “Yes” number four. Once again, “that law” is resurrected as their mandate for this catch-all provision. They share your data to protect you against fraud, respond to subpoenas, service your account, report to credit bureaus and with your consent. My response is that sharing your data is the basic reason the fraud exists to begin with. And folks, never, I repeat, never, ever give your consent for any personal data release over which you do not have complete control.
Question seven: “What choices do I have about information sharing?” There are two. The first is a classic argument for giving consumers control over their names and private information. Paraphrased…you can tell Chase not to share information about you outside the company but they still will, as “required” or “permitted” by “that law.” In the second choice, you can restrict data such as income, credit history, loans or employment being shared with the family of companies. But, of course, they still will share things like your name and address, bank transactions and balances, as well as surveys to which you might respond “within the family.”
It’s that term, “within their family of companies,” that worries me most about all these privacy policy notices. Most large organizations in the business community have subsidiaries established to handle specific functions such as marketing. They can operate as independent entities with profit and loss responsibility to the parent. I worked with one such company in the junk mail industry, and I can tell you that the marketing people were privy to just about every piece of data at the corporate level. Not that it wasn’t used properly, but just that all that personal data was available.
My point is that this kind of relationship places your private information in yet a different location, in another computer, accessible to a new group of individuals, with security standards we know have been challenged repeatedly in the past. There is reason for my concern.
If you remember an earlier post on this subject, there was an article link, “Forecast: ID Theft by Insiders to Grow Dramatically in ’06,” by Gene Koprowski, a leading computer security analyst, on TechNewsWorld.com. He writes: “…there will be increased theft of secure data by insiders, employees.” I rest my case.
Wednesday, December 28, 2005
Winding Down the Worst Year Ever in ID Theft
I started The Dunning Letter on April 19 of this year and this will be post number 46, probably the last for 2005. It all started with my concept that federal legislation should be passed, giving consumers control over their names and personal data, and they should be paid for its use.
In the nine-month period, many things have happened in the identity crisis arena, but nothing of substance that would solve the problem. If you read my last blog, “Government and Business Want to Convince You 2+2=5,” you know that Congressional leaders have once again dropped the ball by putting ID theft legislation on hold.
And then the Los Angeles Times ran an article recently by Joseph Menn, “Data Brokers Press for U.S. Law,” that clearly shows these data merchants are running scared with the state laws that are popping up, the most recent in New York. You know there is something wrong when the junk mail industry supports laws that will regulate its business. What galls me is the fact that the industry is apparently cock-sure this Congress will pass something weak enough not to hurt them, but strong enough to supersede the more stringent state laws.
The latest major event in the identity crisis fiasco is the plight of Eric Drew, from Seattle, Washington. Eric was fighting leukemia in a cancer center when a technician decided the patient probably wouldn’t make it, surmised he wouldn’t need his identity any longer, and promptly stole it from hospital records, opening several credit accounts in his name. Well, Mr. Drew fooled him on both counts. His health improved and Eric fought back to catch the thief. The technician, Richard Gibson, is being prosecuted under a new law passed to protect patients’ privacy. You can read about it on two sites: “Dateline: The lowest scam,” on MSNBC, and “Cancer Patient Catches ID Thief,” on CBSNews.com.
If you consider the millions of patient records in thousands of doctors’ offices, hospitals and medical centers nationwide—many with minimum security—you begin to understand how the Eric Drew incident occurred. Medical databases are one of the largest storehouses of private information in the country, most with Social Security numbers from the days when we readily gave them up. Now these institutions have created the perfect formula for ID theft.
Finally, have to mention what I consider to be the most bizarre news from 2005. ChoicePoint, the company who introduced the new wave of identity theft in 2005, with three incidents totaling almost 172 thousand account records lost, wants to "acquire" state DMV motor vehicle registration records for their client, the U.S. Department of Homeland Security. (Actually, ChoicePoint already has them, something that will be covered in a futute blog) In a Los Angeles Times’ article, “Big Data Broker Eyes DMV Records,” by Michael Hiltzik, he reflects what probably most of us believe: “Given ChoicePoint’s history, should it be allowed anywhere near our motor vehicle records?”
Another piece in LAVoice.com, “The Peter Principle Lives (and then some): ChoicePoint to get DMV Data?” takes us back to the late ‘60’s and early ‘70’s when Dr. Lawrence Peter professed his belief that individuals will eventually be pushed to their highest level of incompetence, after which the competent few must deal with this inadequacy. It’s the primary reason I left corporate America years ago and never looked back.
You might also want to check Michael Hiltzik’s Golden State blog post, “Golden State Column: ChoicePoint and the Threat to Privacy,” where he also feels, “The real remedy is Congressional legislation…” He goes on to comment on ChoicePoint’s dual position of being both investigated by California Attorney General Bill Lockyer for the data breach, and at the same time awarded a contract worth over $845,000 to design a law enforcement database, also by Lockyer.
A sad year, 2005, but I am predicting that all this will change in 2006, when a fed-up public decides they won’t take it anymore. Join my grass-roots movement. Write your Congress person. Contact local TV, radio and newspapers. Tell them you want to see federal legislation passed that will give you control over your name and personal data. And, you want to be paid any time it is used.
Talk to you next year!
In the nine-month period, many things have happened in the identity crisis arena, but nothing of substance that would solve the problem. If you read my last blog, “Government and Business Want to Convince You 2+2=5,” you know that Congressional leaders have once again dropped the ball by putting ID theft legislation on hold.
And then the Los Angeles Times ran an article recently by Joseph Menn, “Data Brokers Press for U.S. Law,” that clearly shows these data merchants are running scared with the state laws that are popping up, the most recent in New York. You know there is something wrong when the junk mail industry supports laws that will regulate its business. What galls me is the fact that the industry is apparently cock-sure this Congress will pass something weak enough not to hurt them, but strong enough to supersede the more stringent state laws.
The latest major event in the identity crisis fiasco is the plight of Eric Drew, from Seattle, Washington. Eric was fighting leukemia in a cancer center when a technician decided the patient probably wouldn’t make it, surmised he wouldn’t need his identity any longer, and promptly stole it from hospital records, opening several credit accounts in his name. Well, Mr. Drew fooled him on both counts. His health improved and Eric fought back to catch the thief. The technician, Richard Gibson, is being prosecuted under a new law passed to protect patients’ privacy. You can read about it on two sites: “Dateline: The lowest scam,” on MSNBC, and “Cancer Patient Catches ID Thief,” on CBSNews.com.
If you consider the millions of patient records in thousands of doctors’ offices, hospitals and medical centers nationwide—many with minimum security—you begin to understand how the Eric Drew incident occurred. Medical databases are one of the largest storehouses of private information in the country, most with Social Security numbers from the days when we readily gave them up. Now these institutions have created the perfect formula for ID theft.
Finally, have to mention what I consider to be the most bizarre news from 2005. ChoicePoint, the company who introduced the new wave of identity theft in 2005, with three incidents totaling almost 172 thousand account records lost, wants to "acquire" state DMV motor vehicle registration records for their client, the U.S. Department of Homeland Security. (Actually, ChoicePoint already has them, something that will be covered in a futute blog) In a Los Angeles Times’ article, “Big Data Broker Eyes DMV Records,” by Michael Hiltzik, he reflects what probably most of us believe: “Given ChoicePoint’s history, should it be allowed anywhere near our motor vehicle records?”
Another piece in LAVoice.com, “The Peter Principle Lives (and then some): ChoicePoint to get DMV Data?” takes us back to the late ‘60’s and early ‘70’s when Dr. Lawrence Peter professed his belief that individuals will eventually be pushed to their highest level of incompetence, after which the competent few must deal with this inadequacy. It’s the primary reason I left corporate America years ago and never looked back.
You might also want to check Michael Hiltzik’s Golden State blog post, “Golden State Column: ChoicePoint and the Threat to Privacy,” where he also feels, “The real remedy is Congressional legislation…” He goes on to comment on ChoicePoint’s dual position of being both investigated by California Attorney General Bill Lockyer for the data breach, and at the same time awarded a contract worth over $845,000 to design a law enforcement database, also by Lockyer.
A sad year, 2005, but I am predicting that all this will change in 2006, when a fed-up public decides they won’t take it anymore. Join my grass-roots movement. Write your Congress person. Contact local TV, radio and newspapers. Tell them you want to see federal legislation passed that will give you control over your name and personal data. And, you want to be paid any time it is used.
Talk to you next year!
Thursday, December 22, 2005
Government and Business Want to Convince You 2+2=5
In George Orwell’s 1984, the “Party” had achieved its ultimate goal of transformation when its members confirmed that they believed 2+2=5. Just saying they believed was not enough. And if the Party wasn’t assured of this belief, people had a way of disappearing, as if they had never existed.
Fortunately, we don’t have to be afraid today that government will make us vanish without a trace, but it, along with certain business interests, is still using the same tactics to destroy our right to privacy. Let me explain my reasoning, starting with government.
A recent article on InternetNews.com, “House Tables Data-Breach Law Talk,” by Roy Mark, pretty much says it all. It fizzled, according to Mark, because Democrats opposed the fact that it “lacks enforcement teeth.” They are right, because the law does not include the one factor that will insure that the legislation is both powerful and lasting, and that is… giving control of their name and personal data to the consumer.
Another article by the Counter Think organization, “Experts predict no data security bill will pass Congress in 2005,” agrees with Mark and makes an interesting comparison. They mention the California legislation responsible for exposing the ChoicePoint, LexisNexis, etc. breaches and the fact this law would be compromised in all currently proposed, weaker federal legislation. And the same applies to a recently passed New York law, the Information Security Breach and Notification Act, requiring consumer notification of data loss.
The Pennsylvania Public Interest Research Group (PIRG) is questioning that state’s Senate Bill 712, similar to California and New York, except, companies have to notify affected customers only if they “reasonably believe” the security breach will cause damage. The article in the Pittsburgh Post Gazette by Patricia Sabatini, “Security breach notification bill won’t protect consumers, group says,” reports that the governor is scheduled to sign it, regardless. Nobody listens to the experts. PIRG has been around since 1983 working at the state level to protect consumer interests.
The federal government and the present Congress and administration will delay any substantive action and/or legislation as long as the consumer remains apathetic and continues to accept the fact that their privacy is not a priority. Further, that they continue to condone the fact that their name and personal data can be sold or used in any way the government or business decides, and without question. In other words, the consumer be damned and the public is willing to live with it.
On the business side, it is not likely to clean up its act until it is forced to do so. I was in the junk mail industry for thirty-five years and I can assure you that the emphasis was always…get as much private information as possible on the individual and sell it to the highest bidder. Not …just how do we make sure the data collected is secure.
Since ChoicePoint started the parade in February of 2005, some other major contributors to the “loose security” brigade are: Bank of America; DSW Retail; LexisNexis; Ralph Lauren Polo/HSBC; Time Warner; Dept. of Justice; Citi Financial; CardSystems (biggest ever at 40 million data files); and TransUnion. According to Privacy Rights Clearinghouse, there have been ninety-six total breaches in 2005, totaling close to 54 million consumer records lost. And then there are the more recent.
On December 2, Sam’s Club, a division of Wal-Mart, disclosed that customers purchasing gas had experienced credit card fraud. In a Computerworld article by Jaikumar Vijayan, “Update: Security breach at Sam’s Club exposes credit card data,” he says an unspecified number affected had purchased gas between 9/21 and 10/2/05. Sam’s Club is working with Visa and MasterCard in their investigation.
And then on December 16, ABN AMRO Mortgage Group, a subsidiary of LaSalle Bank Corp., announced that a computer tape with personal data on 2 million customers, including Social Security numbers, was “missing.” Covered in a Detroit News article by Susan Tompor, “ABN AMRO data lost,” the tape was lost in November when DHL delivery service picked it up in transit to the Experian credit bureau. Fortunately, the tape was located by DHL but the question persists: where was it, and why was it lost?
There is only one way to protect the use of consumers’ names and personal data. Pass federal legislation to give the individual control over their name and private information. And, while we’re at it, compensate the name-holder for its use. Why not? The control provides protection against identity theft and the payback for selling this data can be used to supplement your Social Security.
Think about it and join my grass-roots effort to pass this legislation. Write your Congress person. Write letters to the editor of your local paper or call radio and TV stations’ consumer correspondents. Or, send me an e-mail at jack.dundiv@cox.net and I will see that your thoughts are known by Congressional leaders and the media.
Fortunately, we don’t have to be afraid today that government will make us vanish without a trace, but it, along with certain business interests, is still using the same tactics to destroy our right to privacy. Let me explain my reasoning, starting with government.
A recent article on InternetNews.com, “House Tables Data-Breach Law Talk,” by Roy Mark, pretty much says it all. It fizzled, according to Mark, because Democrats opposed the fact that it “lacks enforcement teeth.” They are right, because the law does not include the one factor that will insure that the legislation is both powerful and lasting, and that is… giving control of their name and personal data to the consumer.
Another article by the Counter Think organization, “Experts predict no data security bill will pass Congress in 2005,” agrees with Mark and makes an interesting comparison. They mention the California legislation responsible for exposing the ChoicePoint, LexisNexis, etc. breaches and the fact this law would be compromised in all currently proposed, weaker federal legislation. And the same applies to a recently passed New York law, the Information Security Breach and Notification Act, requiring consumer notification of data loss.
The Pennsylvania Public Interest Research Group (PIRG) is questioning that state’s Senate Bill 712, similar to California and New York, except, companies have to notify affected customers only if they “reasonably believe” the security breach will cause damage. The article in the Pittsburgh Post Gazette by Patricia Sabatini, “Security breach notification bill won’t protect consumers, group says,” reports that the governor is scheduled to sign it, regardless. Nobody listens to the experts. PIRG has been around since 1983 working at the state level to protect consumer interests.
The federal government and the present Congress and administration will delay any substantive action and/or legislation as long as the consumer remains apathetic and continues to accept the fact that their privacy is not a priority. Further, that they continue to condone the fact that their name and personal data can be sold or used in any way the government or business decides, and without question. In other words, the consumer be damned and the public is willing to live with it.
On the business side, it is not likely to clean up its act until it is forced to do so. I was in the junk mail industry for thirty-five years and I can assure you that the emphasis was always…get as much private information as possible on the individual and sell it to the highest bidder. Not …just how do we make sure the data collected is secure.
Since ChoicePoint started the parade in February of 2005, some other major contributors to the “loose security” brigade are: Bank of America; DSW Retail; LexisNexis; Ralph Lauren Polo/HSBC; Time Warner; Dept. of Justice; Citi Financial; CardSystems (biggest ever at 40 million data files); and TransUnion. According to Privacy Rights Clearinghouse, there have been ninety-six total breaches in 2005, totaling close to 54 million consumer records lost. And then there are the more recent.
On December 2, Sam’s Club, a division of Wal-Mart, disclosed that customers purchasing gas had experienced credit card fraud. In a Computerworld article by Jaikumar Vijayan, “Update: Security breach at Sam’s Club exposes credit card data,” he says an unspecified number affected had purchased gas between 9/21 and 10/2/05. Sam’s Club is working with Visa and MasterCard in their investigation.
And then on December 16, ABN AMRO Mortgage Group, a subsidiary of LaSalle Bank Corp., announced that a computer tape with personal data on 2 million customers, including Social Security numbers, was “missing.” Covered in a Detroit News article by Susan Tompor, “ABN AMRO data lost,” the tape was lost in November when DHL delivery service picked it up in transit to the Experian credit bureau. Fortunately, the tape was located by DHL but the question persists: where was it, and why was it lost?
There is only one way to protect the use of consumers’ names and personal data. Pass federal legislation to give the individual control over their name and private information. And, while we’re at it, compensate the name-holder for its use. Why not? The control provides protection against identity theft and the payback for selling this data can be used to supplement your Social Security.
Think about it and join my grass-roots effort to pass this legislation. Write your Congress person. Write letters to the editor of your local paper or call radio and TV stations’ consumer correspondents. Or, send me an e-mail at jack.dundiv@cox.net and I will see that your thoughts are known by Congressional leaders and the media.
Thursday, December 15, 2005
Another "Given" Bites the Dust: PENSIONS
If you are a young to middle-age employee of Verizon, and a manager with the company, you just lost your pension benefits and might be wondering about the future of your retirement. “Verizon to cut managers’ pensions,” is a recent article on C/Net News.com that seems to be predicting the future of corporate pension plans. And, Verizon is in completely sound financial condition.
The second largest telecommunications provider says the move will affect about 50,000 managers out of their 215,000 employees. Verizon’s Chairman and CEO Ivan Seidenberg says the action will enhance their ability to compete. They are also currently in the process of acquiring the long-distance carrier, MCI, so we see where the priority is.
I’m not faulting Verizon, nor am I justifying what they did. Other companies are doing it or are looking at the possibility. An Associated Press article on Newsday.com, “Companies look to freeze pensions,” reports that last year, 71 of the nation’s biggest firms froze or terminated pension plans, a 58 percent increase over 2003. In Verizon’s case, there are also cuts in retiree health care benefits.
The Newsday article states that Verizon tried to make the same move ten years ago, and the recent step has left several workers understandably angry and afraid. Continuing, it states that Sears, NCR, Circuit City and a division of Abbott laboratories have frozen pension plans for some or all employees and Hewlett-Packard said this past July it would do the same for some workers.
Scott Cohn, in his article on MSNBC, “Are pension promises a thing of the past?” is asking a very provocative question. He quotes a Motorola employee who lost a part of his pension as saying, “I got screwed.” Cohn goes on to add the troubled airline industry to the list of companies cutting retirement benefits. Not looking good for those of you that plan to take it easy in your golden years.
Which brings me back to my original premise: the solution is to pass federal legislation that will give consumers control over their names and personal data and pay them for its use. A double-barrel advantage of preventing ID theft and supplementing your retirement by $607 per month.
The junk mail industry alone grosses over $4 billion annually on your name and private information. Folks, this is year after year after year and growing with each new tidbit of information added to your dossier. And this doesn’t even include the non-junk mail companies, like the pharmaceutical industry, who have gotten into the business of selling your data.
The other benefit of having control over your name and personal data is that you can prevent the possibility of identity theft. You have the right to opt-in—not have to opt-out—to all uses of this data in a system of checks and balances that is both simplified and effective. For once, you can be assured that when your name and private information are being used, they are completely secure.
I’ve never done this before but here is my e-mail address: jack.dundiv@cox.net. Just click on it and send me a quick message with your thoughts, suggestions, comments or even criticisms. I will use your input to help convince Congressional leaders to pass this important federal legislation. Any reference to your message will remain completely anonymous and your name and e-mail address will never be sold or shared; you have my word.
The second largest telecommunications provider says the move will affect about 50,000 managers out of their 215,000 employees. Verizon’s Chairman and CEO Ivan Seidenberg says the action will enhance their ability to compete. They are also currently in the process of acquiring the long-distance carrier, MCI, so we see where the priority is.
I’m not faulting Verizon, nor am I justifying what they did. Other companies are doing it or are looking at the possibility. An Associated Press article on Newsday.com, “Companies look to freeze pensions,” reports that last year, 71 of the nation’s biggest firms froze or terminated pension plans, a 58 percent increase over 2003. In Verizon’s case, there are also cuts in retiree health care benefits.
The Newsday article states that Verizon tried to make the same move ten years ago, and the recent step has left several workers understandably angry and afraid. Continuing, it states that Sears, NCR, Circuit City and a division of Abbott laboratories have frozen pension plans for some or all employees and Hewlett-Packard said this past July it would do the same for some workers.
Scott Cohn, in his article on MSNBC, “Are pension promises a thing of the past?” is asking a very provocative question. He quotes a Motorola employee who lost a part of his pension as saying, “I got screwed.” Cohn goes on to add the troubled airline industry to the list of companies cutting retirement benefits. Not looking good for those of you that plan to take it easy in your golden years.
Which brings me back to my original premise: the solution is to pass federal legislation that will give consumers control over their names and personal data and pay them for its use. A double-barrel advantage of preventing ID theft and supplementing your retirement by $607 per month.
The junk mail industry alone grosses over $4 billion annually on your name and private information. Folks, this is year after year after year and growing with each new tidbit of information added to your dossier. And this doesn’t even include the non-junk mail companies, like the pharmaceutical industry, who have gotten into the business of selling your data.
The other benefit of having control over your name and personal data is that you can prevent the possibility of identity theft. You have the right to opt-in—not have to opt-out—to all uses of this data in a system of checks and balances that is both simplified and effective. For once, you can be assured that when your name and private information are being used, they are completely secure.
I’ve never done this before but here is my e-mail address: jack.dundiv@cox.net. Just click on it and send me a quick message with your thoughts, suggestions, comments or even criticisms. I will use your input to help convince Congressional leaders to pass this important federal legislation. Any reference to your message will remain completely anonymous and your name and e-mail address will never be sold or shared; you have my word.
Saturday, December 10, 2005
Make Your Holidays ID Theft Free
You don’t want to wake up Christmas morning with an ID thief under your tree. You may have already heard it a hundred times, but I’m going to say it again. Protect your name and personal data at all times, particularly in the rush of holiday purchases. That’s when you’re most likely to be victimized at the traditional retail locations.
Transactions occur so quickly that you can’t follow the trail of your credit card. A dishonest clerk can copy your account number without being caught and sell it to the crook who either uses it or resells the number. It’s a business, and even organized crime has been involved through bribing employees to steal your private information.
In an article on the TechNewsWorld site by Gene Koprowski, “Forecast: ID Theft by Insiders to Grow Dramatically in ’06,” he is predicting this increased activity by store personnel because retailers are not educating employees about the value of protecting consumer data. In my experience, you’re lucky during the holidays to find someone to help you with knowledge of what they are selling, much less being skilled in protecting your personal data.
Greg Simmons has written an article for FoxNews.com you should read: “Holiday Shoppers Vulnerable to ID Theft.” He tells you why you should worry about identity theft; it won’t hurt to review some of these time-tested bits of advice. He covers a range of possibilities where you can fall victim to the fraud and makes one excellent point: You have to be in control because police departments across the country do not have the officers for investigation.
You also need to make sure your on-line purchases are secure, dealing with companies either you know or those that come highly recommended by others. Always look for the “lock.”
According to the Identity Theft Resource Center, about 22 percent of victims reported their identity stolen from charges over the Internet in 2004, which was almost a ten-percent increase over 2003. Privacy Rights Clearinghouse estimates almost 2 million U.S. adult Internet users were victimized in 2004 and many consumers are beginning to weigh the risk against the convenience.
The above isn’t meant to frighten you into a corner where you are afraid to deal with the outside world. The purpose of all this advice is to make aware shoppers out of all of you so that you take command of your personal life. And, hopefully in 2006, we can convince Congress to give all consumers control over their names and personal data and pay them for its use.
Transactions occur so quickly that you can’t follow the trail of your credit card. A dishonest clerk can copy your account number without being caught and sell it to the crook who either uses it or resells the number. It’s a business, and even organized crime has been involved through bribing employees to steal your private information.
In an article on the TechNewsWorld site by Gene Koprowski, “Forecast: ID Theft by Insiders to Grow Dramatically in ’06,” he is predicting this increased activity by store personnel because retailers are not educating employees about the value of protecting consumer data. In my experience, you’re lucky during the holidays to find someone to help you with knowledge of what they are selling, much less being skilled in protecting your personal data.
Greg Simmons has written an article for FoxNews.com you should read: “Holiday Shoppers Vulnerable to ID Theft.” He tells you why you should worry about identity theft; it won’t hurt to review some of these time-tested bits of advice. He covers a range of possibilities where you can fall victim to the fraud and makes one excellent point: You have to be in control because police departments across the country do not have the officers for investigation.
You also need to make sure your on-line purchases are secure, dealing with companies either you know or those that come highly recommended by others. Always look for the “lock.”
According to the Identity Theft Resource Center, about 22 percent of victims reported their identity stolen from charges over the Internet in 2004, which was almost a ten-percent increase over 2003. Privacy Rights Clearinghouse estimates almost 2 million U.S. adult Internet users were victimized in 2004 and many consumers are beginning to weigh the risk against the convenience.
The above isn’t meant to frighten you into a corner where you are afraid to deal with the outside world. The purpose of all this advice is to make aware shoppers out of all of you so that you take command of your personal life. And, hopefully in 2006, we can convince Congress to give all consumers control over their names and personal data and pay them for its use.
Sunday, December 04, 2005
Babes in the ID Theft Woods
I had the opportunity recently to talk to someone who had been the victim of identity theft. When you are around it constantly, doing research and blogging the results, you begin to assume that everyone knows as much as you do. The irony of this situation came crashing home when my wife and I met a young girl that had been victimized.
To make things worse, she was sitting in the emergency room of a local hospital, alone, and very scared about a condition that had come on suddenly, which was quite debilitating. Her mother had dropped her off quickly and then left to take care of her daughter. To top everything off, she told us after relating the above, that someone had just stolen her identity and made charges to an account which had just been opened.
She didn’t have the slightest idea what her next move should be and she said she could not afford an attorney. The confusion we saw in her face said everything. That account someone had scammed was opened to buy her daughter Christmas presents and now the store had shut it down. Since the girl had not yet even received a credit card for the account, it had to be an inside job. We had to move on to take care of my wife’s father—who was also in the ER—but left her with some good advice we hope she remembers.
To emphasize the plight of this young girl and others like her, Gene Koprowski has written an article you can find on TechNewsWorld.com titled “Forecast: ID Theft by Insiders to Grow Dramatically in ’06.” He is a top security analyst and is predicting that, even though companies install more security safeguards, their employees will find ways to breach these obstacles and steal your personal data. Comforting.
Joseph Ansanelli of data security firm, Vontu, says in the piece that retail employees will begin to realize even more so in 2006 just how valuable your name and private information are, and, if not “trained” to protect this valuable asset, they will continue to make off with your data. You don’t “train” someone to be honest; they either are or they aren’t. Even if they are on the fence, the right offer could make them fall on the wrong side.
From another angle, and it isn’t clear yet just what that angle is, 3,623 consumers’ names with data were stolen from one of the big-three credit report companies, TransUnion. The unclear angle is that it wasn’t reported as an inside theft, but it was stolen from one of their regional offices in California, at least from under the noses of their employees. You can read Jonathan Krim’s article in the Washington Post: “Data on 3,000 Consumers Stolen With Computer.”
TU says the computer was probably the reason for the burglary, not the data. Sure. Computer value, probably at most $500. Data value, at least $10,000. This is the same credit reporting agency that sued the Federal Trade Commission in order to sell your name and personal information, including some credit data, which was in violation of the Fair Credit Reporting Act of 1970. They lost, appealed to a circuit court and lost again, and finally filed a petition for certiorari with the Supreme Court—which means, will the court hear their case—which was also denied.
So, I hope you can see where all this is going. Even if the data were secure within the facility where it is housed, you can still be victimized at the last point of contact, the retail clerk where you make your purchase, including the order-taker at the junk mail company from whom you order. But it isn’t safe with the data brokers, as evidenced by the recent theft from TransUnion and all the other ChoicePoint, LexisNexis, etc. events. And, Gene Koprowski in TechNewsWorld.com says it will just get worse in 2006.
The only answer is to pass federal legislation to give you control over your name and personal data. This will stop the identity crisis in its tracks and give consumers the confidence to work with organizations, when necessary, in the use of their private information. By the way, that legislation would also include paying you for its use.
To make things worse, she was sitting in the emergency room of a local hospital, alone, and very scared about a condition that had come on suddenly, which was quite debilitating. Her mother had dropped her off quickly and then left to take care of her daughter. To top everything off, she told us after relating the above, that someone had just stolen her identity and made charges to an account which had just been opened.
She didn’t have the slightest idea what her next move should be and she said she could not afford an attorney. The confusion we saw in her face said everything. That account someone had scammed was opened to buy her daughter Christmas presents and now the store had shut it down. Since the girl had not yet even received a credit card for the account, it had to be an inside job. We had to move on to take care of my wife’s father—who was also in the ER—but left her with some good advice we hope she remembers.
To emphasize the plight of this young girl and others like her, Gene Koprowski has written an article you can find on TechNewsWorld.com titled “Forecast: ID Theft by Insiders to Grow Dramatically in ’06.” He is a top security analyst and is predicting that, even though companies install more security safeguards, their employees will find ways to breach these obstacles and steal your personal data. Comforting.
Joseph Ansanelli of data security firm, Vontu, says in the piece that retail employees will begin to realize even more so in 2006 just how valuable your name and private information are, and, if not “trained” to protect this valuable asset, they will continue to make off with your data. You don’t “train” someone to be honest; they either are or they aren’t. Even if they are on the fence, the right offer could make them fall on the wrong side.
From another angle, and it isn’t clear yet just what that angle is, 3,623 consumers’ names with data were stolen from one of the big-three credit report companies, TransUnion. The unclear angle is that it wasn’t reported as an inside theft, but it was stolen from one of their regional offices in California, at least from under the noses of their employees. You can read Jonathan Krim’s article in the Washington Post: “Data on 3,000 Consumers Stolen With Computer.”
TU says the computer was probably the reason for the burglary, not the data. Sure. Computer value, probably at most $500. Data value, at least $10,000. This is the same credit reporting agency that sued the Federal Trade Commission in order to sell your name and personal information, including some credit data, which was in violation of the Fair Credit Reporting Act of 1970. They lost, appealed to a circuit court and lost again, and finally filed a petition for certiorari with the Supreme Court—which means, will the court hear their case—which was also denied.
So, I hope you can see where all this is going. Even if the data were secure within the facility where it is housed, you can still be victimized at the last point of contact, the retail clerk where you make your purchase, including the order-taker at the junk mail company from whom you order. But it isn’t safe with the data brokers, as evidenced by the recent theft from TransUnion and all the other ChoicePoint, LexisNexis, etc. events. And, Gene Koprowski in TechNewsWorld.com says it will just get worse in 2006.
The only answer is to pass federal legislation to give you control over your name and personal data. This will stop the identity crisis in its tracks and give consumers the confidence to work with organizations, when necessary, in the use of their private information. By the way, that legislation would also include paying you for its use.
Subscribe to:
Comments (Atom)
