Read CU's testimony.">
Welcome to Consumer Reports Advocacy

For 85 years CR has worked for laws and policies that put consumers first. Learn more about CR’s work with policymakers, companies, and consumers to help build a fair and just marketplace at TrustCR.org

10 million Americans at risk of ID theft from data security breaches

CU outlines new safeguards needed to thwart ID theft. Read CU's testimony.

Thursday, June 16, 2005

Nearly 10 million Americans at risk of ID theft
from data security breaches this year

Tougher Consumer Safeguards Urged as Senate Commerce Committee
Holds 6/16 Hearing on Identity Theft

WASHINGTON, D.C. – Since ChoicePoint Inc., announced last February that sensitive records it maintained about consumers had fallen into the hands of crooks, nearly 10 million Americans have been put at risk of identity theft from such data security breaches. Consumers Union and the Privacy Rights Clearinghouse called on lawmakers today to enact legislation requiring notice to individuals whose information has been exposed through a security breach, stricter data security practices for information brokers, and tougher safeguards to thwart identity thieves.

“The ChoicePoint scandal was just the beginning of an avalanche of data security breaches that has left millions of Americans vulnerable to being ripped off by identity thieves,” said Susanna Montezemolo, Policy Analyst with Consumers Union’s Financial Privacy Now campaign. “It’s clear that consumers can’t always depend on companies to protect their personal information and need stronger safeguards to avoid becoming the next identity theft victim.”

Since ChoicePoint, Inc, announced that it had sold personal data on 145,000 consumers to an identity theft ring posing as legitimate businesses, many other data security breaches have come to light. Including the ChoicePoint case, sensitive data about 9,629,830 Americans has been lost or stolen since that time according to a chronology of security breaches compiled by Privacy Rights Clearinghouse (see: http://www.privacyrights.org/ar/ChronDataBreaches.htm). In the most recently reported incident, CitiFinancial announced on June 6 that it had lost computer back-up tapes containing sensitive information, including Social Security numbers, on 3.9 million customers.

Identity theft is no victimless crime, especially if crooks open new credit accounts using stolen identities. Victims pay, on average, about $1,400 and spend 600 hours cleaning up their credit records. In the meantime, they may have a tougher time getting a good interest rate on a car loan, home mortgage or credit card because of their tarnished credit record. Damaged credit records can even prevent victims from getting a job or apartment.

Consumers can only do so much to protect themselves from identity theft,” said Beth Givens, Executive Director of Privacy Rights Clearinghouse. “Companies that hold sensitive records about consumers must be held accountable for keeping this information safe and out of the hands of identity thieves.”

In testimony submitted to the Senate Commerce Committee, the groups urged lawmakers to enact legislation that would:

• Require notice of all security breaches: Impose requirements on businesses, nonprofits, and government entities to notify consumers when an unauthorized person has gained access to sensitive information pertaining to them.

• Require and monitor security: Impose strong requirements on information brokers to protect the information they hold and to screen and monitor the persons to whom they make that information available.

• Protect Social Security numbers: Restrict the sale, collection, use, sharing, posting, display and secondary use of Social Security numbers.

• Give consumers the right to freeze access to consumer credit files: Give all consumers the right to freeze their credit files so they can block access to their credit reports until they affirmatively unlock the files. This would help prevent identity thieves from opening new credit accounts in their victims’ names.

• Recognize the role of states: States have pioneered responses to new forms of identity crimes and risks to personal privacy. Congress should not inhibit states from adopting new identity theft and privacy safeguards.

A copy of the testimony submitted by Consumers Union and the Privacy Rights Clearinghouse is available by clicking here.

###

FOR MORE INFORMATION:
Susanna Montezemolo, CU – 202-462-6262
Gail Hillebrand, CU – 415-431-6747, ext 136
Beth Givens, PRC – 619-298-3396

IssuesMoney