January 6, 2009
According to the California Office of Privacy Protection, over 8 million Americans were victims of identity theft in 2006. One million of those victims lived in California. Since 2005, CitiFinancial, TimeWarner, Choicepoint, Bank of America, Ameritrade, DSW Shoe Warehouse, Cardsystems, Department of Veterans Affairs, and other companies and agencies, have reported that they’ve lost the confidential financial information of over 90 million Americans.
Identity theft is one of the fastest growing crimes in America. Victims come from all walks of life – from everyday people to celebrities like Oprah Winfrey, Michael Jordan, Tiger Woods, Robert De Niro, Ted Turner, and Warren Buffet.
As technology increases so will the number of victims of identity theft. The places where our information is stored, and the ways that identity thieves can get at that information, continue to multiply. Easy availability of confidential financial information, coupled with sloppy credit-granting practices by creditors and credit bureaus, makes it easy for identity thieves to open accounts in our name.
Organizations today rely more on high-speed networks and mobile computing to increase the productivity of their workforce. Large volumes of information can be easily shared and accessed – anytime and anywhere. Unfortunately, many companies do not adequately secure confidential information. And many company employees keep confidential data on their laptops.
Consider that nearly 54 million units of business laptops were purchased for employees and shipped in 2008. Thousands of these laptops will be lost or left behind at airports, and 65-69 percent of them will go unclaimed. A 2008 Ponemon study revealed up to 12,000 laptop computers were lost weekly, and up to 600,000 lost annually at U.S. airports. Approximately 53 percent of surveyed mobile professionals carry confidential company information and 65 percent of those who do, don’t take steps to protect it. This data can include customer and consumer information.
Unless the data protections we have in place evolve and outpace new technologies, the problem of identity theft will only get worse.
What protections do Californians have? It is a felony in California to use the personal identifying information of another person without the authorization of that person for any unlawful purpose including to obtain credit, goods, services, or medical information. California also requires businesses and government agencies to notify consumers if hackers gain entry to computers that contain unencrypted personal information, such as credit card numbers, pass codes needed for use of personal accounts, Social Security numbers or driver’s license numbers. Under California law, notices must be given immediately following discovery of the privacy breach unless a law enforcement agency determines the notice would impede a criminal investigation. Any customer injured by a violation of the law may file civil suit to recover damages.
A security freeze
California and many other states require companies to immediately disclose “as soon as possible, without unreasonable delay” a data breach to customers, usually in writing. Also in California, there is a private right of action for a data breach. Last month, the U.S. House of Representatives passed the Data Accountability and Trust Act (DATA) (H.R. 2221). In its current form, DATA requires businesses to notify customers and the Federal Trade Commission (FTC) if sensitive information has been exposed to a security breach.
To investigate and prosecute identity theft, California operates five regional Hi-Tech Crimes Task Forces. The Attorney General also administers the statewide Identity Theft Registry to assist identity theft victims who are wrongfully identified as criminals. Through the California ID theft data base, law enforcement and anyone else designated by the victim can have quick official confirmation that the criminal history does not belong to the person.
Ultimately, the best protection against identity theft is a careful, alert consumer. Consumers should be extremely careful to whom they provide confidential information, including Social Security numbers, credit and debit card and bank account numbers. Thieves are constantly “phishing” for confidential information. Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an e-mail purporting to be from popular social web sites, auction sites, online payment processors, or information technology (IT) administrators.
Consumers should carefully check their monthly credit and debit card and bank statements and immediately dispute unauthorized charges. Credit card holders have the protection of the Fair Credit Billing Act
It is also advisable to check your credit reports and dispute any credit report errors, pursuant to the Fair Credit Reporting Act
Consumers should also be careful how they throw away paperwork containing confidential information. It is a good idea to shred such documents.
Finally, if you are a victim of identity theft, I suggest that you follow the California Attorney General’s “Tips for Victims.”
Identity theft is a serious crime. It occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit and ruin your good name. By taking a few cautionary steps, you can deter, detect, and defend against identity theft.
The Hunger Site
January 8, 2010 at 9:27 am
What about protecting Californians and Americans in general from Moslem terrorism? Why is it that SF progressives have had no discussion of the significance of the Christmas Day attempt to blow up that airliner? Does Noam Chomsky teach that we shouldn’t even try to protect ourselves?
January 8, 2010 at 2:52 am
It is said but it looks like this in a real world. There are many people who gives all such details by phone when asked in a smart way.
January 7, 2010 at 9:30 am
Anyone else here reading “I.T. WARSâ€? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary – an eCulture – for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has a great chapter on security. Just Google “IT WARS†– check out a couple links down and read the interview with the author David Scott. (Full title is “I.T. WARS: Managing the Business-Technology Weave in the New Millenniumâ€).