Home :: Newsletters :: RSS Feeds :: About Us :: Advertise     
The Industry Standard News and Analysis for the Internet Economy
NEWS
METRICS
BLOGS
JOBS
EVENTS
        Internet News for Internet Business Monday, 04th of April, 2005   

  TOPICS
Technology
Media
Money
Politics
Opinion and Blogs


  Newsletter/RSS
Sign up today for the daily email newsletter:

Internet News
Metrics
Blogs
Jobs
Events
Trackback
What is this?


  BLOGS
Denise Howell
JD Lasica
Esme Vos
Scott Rafer
Ross Mayfield
Doc Searls
Seth Godin
Ashlee Vance
Matt McAlister
Tom Hespos
Mark Jones
Jen Muehlbauer
Cringe Worthy
Mark Frauenfelder
Declan McCullagh
Julene Snyder
Mark Glaser
Rafat Ali
Thomas Goetz
Mike Butcher
Jimmy Guterman

>> RSS Feed



  Archive

April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004

Recent Entries:
US PlayStation Portable sales top 500,000 in two days
Yahoo to support Wikipedia (Update)
AOL starts rolling out 'Net phone service
Google intros Q&A service
Microsoft creates tools to crack child porn cases



Previous Story: Intel founder: Silicon Valley no longer unique
Next Story: Yahoo delivers syndicated feeds to mobile devices

Senators rip into ChoicePoint, Bank of America
By Grant Gross

Several U.S. senators faulted ChoicePoint Inc. and Bank of America Corp. Thursday for recent large-scale identify thefts from the two companies, and some lawmakers called for national legislation that would regulate what data collection companies can do with private information.

Two Democratic members of the Senate Banking Committee, Senator Jon Corzine of New Jersey and Senator Charles Schumer of New York, announced plans to introduce legislation to regulate data brokers, companies that sell private information such as Social Security numbers and credit histories to law enforcement agencies, insurance companies, lenders and other businesses.

Speaking at a committee hearing, Senator Patrick Leahy, a Vermont Democrat, criticized ChoicePoint for failing to recognize legitimate customers after ID thieves using stolen identities set up businesses that requested hundreds of thousands of background check records from the company during 2004.

In mid-February, ChoicePoint disclosed that the identity thieves had gained access to the personal information of up to 145,000 U.S. residents. ChoicePoint maintains a 19-billion-item database including Social Security numbers, drivers license numbers and credit data.

"It was an irresponsible violation of the fiduciary relationship they have with their customers," Leahy said of ChoicePoint.

Leahy also criticized Bank of America's decision to transfer a digital tape containing private data on a commercial airline flight. In late February, Bank of America announced that, on a flight, it lost digital tapes containing the credit card account records of 1.2 million federal employees, including 60 U.S. senators.

Leahy questioned the apparently common practice in the financial industry of transferring such data on commercial flights, saying he's lost his luggage too many times to trust that airplane holds are secure. "I don't know what these people are thinking," Leahy said. "You can imagine how disillusioned their customers must feel that Bank of America didn't care any more about them."

Senator Paul Sarbanes, a Maryland Democrat, called ChoicePoint the "world's largest private intelligence operation."

In addition to the ChoicePoint and Bank of America incidents, LexisNexis' parent company, Reed Elsevier PLC, announced Wednesday that hackers compromised databases and stole the personal information of at least 32,000 people.

In the first of several likely congressional hearings on ID theft after the recent disclosures, representatives of ChoicePoint and Bank of America were scheduled to testify, but their appearances were rescheduled until next week after a conflict with several votes on the Senate floor.

Both companies, in written testimony, apologized for the ID thefts and said they've taken steps to ensure that similar incidents will not happen. Representatives of both companies said they welcome a debate on national privacy protection laws. "As Congress continues its work in this area, we stand ready as a company to cooperate with your efforts," ChoicePoint Vice President Don McGuffey said in written testimony.

In its statement, ChoicePoint detailed a series of steps it has taken since the breach, including its decision to stop selling sensitive consumer data to many of its customers, except when that data helps complete a consumer transaction or helps government or law enforcement.

Senator Dianne Feinstein, a California Democrat, in January introduced a bill that would require businesses and government agencies to notify the likely victim when there is a "reasonable basis to conclude" that a criminal has obtained unencrypted personal data. Her bill is similar to a California notification law passed in 2003, the only state law requiring companies to notify customers of data breaches.

But Barbara Desoer, executive for global technology, service and fulfillment with Bank of America, asked lawmakers in her written statement to be cautious about passing a law that would require immediate notification of a security breach.

"Our recent actions demonstrate our support of the conviction that customers have a right to know when their information may have been compromised, and that timely notification in the appropriate circumstances could help to minimize various risks," she wrote. "At the same time, we advise some caution regarding legislative solutions. In some instances a thorough investigation of the security may conclude there is no risk that the information was used for illegal purposes. In these instances, it is probably best to leave it to the discretion of the institution to decide if customers should be notified."

Deborah Platt Majoras, chairwoman of the U.S. Federal Trade Commission (FTC), agreed, saying that in some cases, computer hackers may attempt to crack databases for the sport of it, instead of attempting to steal personal data. "If we try to inform consumers of every single breach, for one thing, they're going to become numb to it," she said.

Platt Majoras acknowledged, however, that ID theft is a growing problem. The FTC estimated there were 10 million U.S. victims of ID theft between early 2002 and early 2003, at a total estimated cost of $53 billion to U.S. businesses and individuals.

"Isn't this one of the biggest robberies going on today?" asked committee chairman Richard Shelby, an Alabama Republican. "Traditional bank robbers are petty thieves compared to the aggregate of this, are they not?"

Platt Majoras agreed.

Of the two bills announced Thursday, Corzine's bill would require companies that lose private information to ID thieves to notify potential victims promptly. His Identity Theft Prevention and Victim Recovery Act would also require companies holding private information to establish security systems to protect that data. A high-level company executive would be required to personally attest to the security measures

Schumer's bill would establish an ID theft office at the FTC that would have jurisdiction over data brokers, he said. It would also require companies that sell consumer data to third parties to conspicuously display that information on the front of their Web sites.

Schumer said he was "utterly amazed" at the ease with which data collection companies give up private consumer data. "Every year, (ID theft) gets much worse and much worse and much worse, and yet, we're doing very little about it," he said. "Our laws are a patchwork quilt of state and federal laws that, frankly, don't do the job. It's the crime of choice these days."

Posted March 11, 2005 04:46 PM |



FREE Email Newsletter RSS Feeds
Sign up today for the
daily email newsletter:
Internet News
Metrics
Blogs
Jobs
Events
Trackback
What is this?





    ADDITIONAL RESOURCES:
    • Find reviews of digital cameras and download the latest graphics tools from PCWorld.
    • Astonish your colleagues with the latest technology news and trends from Computerworld.
    • Digital music that matters: chart-toppers and free audio files from Playlistmag.com.
    • Catch a daily glimpse behind the forces shaping the security business from CSOonline.com.
    • In-depth look at networking products, by Network World's team of independent reviewers.
    • Top reviews, analyses & evaluation of IT products by technology experts from InfoWorld.
    • Hot tech news with links to blogs and resources around the Internet on Lockergnome.

    MORE INTERNET NEWS LINKS


Home :: Newsletters :: RSS Feeds :: About TheStandard :: Advertise    
Copyright © 2004, TheStandard.com :: Terms and Conditions :: Privacy Policy