|
|
Cybertelecom
Federal Internet Law & Policy
An Educational Project
|
|
Fraud: ID Theft |
Internet compamies have become aware of the sensitivity of customers information. Posted privacy policies articulating care and handing of senstitive information have become common place. Options for handling information include restricting staff that has access to a business’s customer information to a few who have a need to know. Some companies conduct background checks on those who do have access to sensative information. If an employee pockets a few thousand credit card numbers as a result of sloppy information practices, the company could be liable as well. Appropriate questions could be, how is that information secured and stored, and how do you dispose of it when it is no longer needed.
Paper shredders now cost $40 down at the local office supply store (I bought one for Christmas and let my kids shred anything with personal information on it). Safes and locking file cabinets are also very affordable.
Ebusinesses regularly make security a part of the business plan. They consider consider the security of interactions with the public and of online transactions. Could any of the “sploits of the month” defeat security efforts and permit a skript kiddy to rifle through data? Organizations designate an individual on staff to be responsible for the security of the network and data. Security and firewall can be designed with the confidentiality of data in mind. If a project is big enough, one can conduct a security audit. There are also available voluntary trust programs, like the Better Business Bureau or Truste that show customers that a site is taking prudent precautions.
As subscribers go online with broadband connections and fixed IP addresses, they are increasingly vulnerable to intruders rifling through hard drives. ISPs are increasingly attempting to educate subscribers about the dangers of the barbarians online. Some have added a firewall to the service package provided to new customers and recommend to new subscribers that they keep their sensitive data on removable media, like key chain drives, that are not always attached to the computer.
There are a number of laws that deal with your customer’s information. The FCC’s Customer Proprietary Network Information rules prohibit telephone carriers from stealing this information from you when you order telephone service. The Electronic Communications Privacy Act (ECPA) governs when it is appropriate for you to turn information over to federal agents and what documents they have to present to you before you should supply that information Any children’s information collected online falls under the Children’s Online Privacy Protection Act.
Some ISPs make this a part of the training for customer support staff. After all, when customers have trouble with Netscape, who do they call? When customers worried about Y2K, who did they call? They called their ISP. Identity Theft has become so endemic that some ISPs provide an FAQ on your company website linking to the appropriate identity theft information.
"Under the Identity Theft and Assumption Deterrence Act, the Federal Trade Commission is responsible for receiving and processing complaints from people who believe they may be victims of identity theft, providing informational materials to those people, and referring those complaints to appropriate entities, including the major credit reporting agencies and law enforcement agencies. For further information, please check the FTC's identity theft Web pages . You can also call your local office of the FBI or the U.S. Secret Service to report crimes relating to identity theft and fraud." - USDOJ Identity Theft and Fraud
References
Laws
Federal Activity:
Hearings
Reports
Statistics
- FTC Report, National and State Trends in Fraud and Identity Theft Jan. - Dec. 2004 (Feb. 1, 2005)
Links
Papers
News
- Citibank ATM breach reveals PIN security problems, Globe and Mail 7/3/2008
- Identity 'at risk' on Facebook, BBC 5/1/2008
- Stolen Data So Plentiful, The Market For It Has Collapsed, Techdirt 4/10/2008
- Agencies Issue Final Rules on Identity Theft Red Flags and Notices of Address Discrepancy, FTC 11/1/2007
- Data miners 'dig' your life story, CNET 8/29/2007
- Identity attack spreads; 1.6M records stolen from Monster.com, CW 8/21/2007
- Loose-Lipped Facebookers Tell All to ID Thieves, Ecommerce Times 8/15/2007
- IRS Found Lax in Protecting Taxpayer Data, Wash Post 4/5/2007
- ID Thieves: Smarter by The Day, Internet News 3/8/2007
- Protecting Yourself Against Online Identity Theft, Newsfactor 2/6/2007
- VA investigating another missing hard drive, CW 2/6/2007
- U.S. identity theft losses fall: study, Register 2/1/2007
- ID Thefts Slam Online Brokers, CW 10/30/2006
- 'ID theft risk' on bank websites, BBC 10/24/2006
- AT&T Hack Part of Larger ID Theft Scam - 19,000 accounts 'immediately' used in phishing attempt, Broadband Reports 9/1/2006
- Teens Charged in VA Laptop Theft, Internet News 8/8/2006
- VA Suffers Another Data Loss, Wash Post 8/8/2006
- Stolen Lives: Identity Thief Finds Easy Money Hard to Resist, NYT 7/5/2006
- U.S. agency loses data containing 26 million IDs, Network World 5/23/2006
- Aetna says laptop stolen with data on 38,000 members, CW 4/28/2006
- ID Theft Hits 3.6 Million U.S. Households, Internet Week 4/5/2006
- IRS Notices More Identity Theft Attempts, Wash Post 3/14/2006
- People's Bank Loses Tape Containing Confidential Data, eweek 1/13/2006
- Bank tape lost with data on 90,000 customers, NWNetflash 1/13/2006
- Computer Theft Case Shows Database Perils, Wash Post 8/12/2005
- Congress Nears Final Identity Theft Legislation, eweek 7/22/2005
- ChoicePoint Data Scandal Costs Broker $11 Million, Internet Week 7/22/2005
- Not even 2, and girl has had identity stolen twice, USA Today 7/19/2005
- FTC chair's credit card info stolen in DSW data breach, USAToday 7/5/2005
- Senate Takes up Data Security Law, Internet news 6/15/2005
- Senate, FTC Push For Identity Theft Law, Internet Week 6/15/2005
- Banks Not Doing Enough To Stop ID Theft: Report, Internet Week 6/15/2005
- Congress considers identity theft legislation, USA Today 4/15/2005
- Ralph Lauren, HSBC in data breach debacle, Register 4/15/2005
- Congress Primed To Pass Laws Requiring Disclosure Of Data Thefts, Infoweek 4/15/2005
- Equifax chairman's compensation grows, Bizjournals 4/15/2005
- Data on 310,000 People Feared Stolen, Wash Post 4/11/2005
- New federal rules dictate bank ID theft notifications, Standard 3/29/2005
- FTC chief calls for ChoicePoint regulation, MSNBC 3/11/2005
- Senators rip into ChoicePoint, Bank of America, Infoworld 3/11/2005
- Shoe chain says customer data stolen, MSNBC 3/9/2005
- ID fraud touches one in four, BBC 3/4/2005
- Lawmakers call for ChoicePoint investigation, CW 3/4/2005
- Bank loses credit card info of 1.2M federal workers, CW 3/2/2005
- Missing Bank of America Tapes Underscore Encryption Need, Gartner 3/2/2005
- ID Theft Victims Could Lose Twice, Wired 2/25/2005
- ChoicePoint data theft widens to 145,000 people, CNET 2/22/2005
- ID theft scam spreads across USA, USA Today 2/22/2005
- Big ID Theft in California, Wired 2/18/2005
- Break-In at SAIC Risks ID Theft of Powerful, Wash Post 2/15/2005
- Online banking victim files suit; $90,000 lifted from account traced to Latvia, Sun Sentinel 2/8/2005
- Identity Theft Focus of National Consumer Protection Week 2005, FTC 2/8/2005
- Study: Most Identity Theft Occurs Offline, AP 2/1/2005
- Prison for Man Who Pleaded Guilty to ID Theft, Wash Post 1/11/2005
- Identity Theft Is Epidemic. Can It Be Stopped?, NYT 10/26/2004
- FTC Issues Alert about Identity Theft Scam, FTC 3/11/2004
- Congressman raises offshore ID theft concerns, CNET 2/26/2004
- ID Theft Triples, USA Today 10/27/2003
- ID theft undermining integrated terror watch lists, CW 10/3/03
- Study: ID Theft Goes Unrecognized, Internet News 9/24/03
- Identity Crisis, Wash Post 9/24/03
- Identity bills approved, USA Today 9/11/03
- FTC: Identity theft strikes 1 in 8 adults, CNN 9/5/03
- Identity theft explodes in US, BBC 7/23/03
- U.S.: Identity Theft Complaints Skyrocket, Newsfactor 1/24/03
- Identity theft raises questions about security, NWFusion 12/2/02
- Identity thieves strike eBay, CNET 11/20/02
- Online job listing an ID theft scam MSNBC 11/5/02
- Busboy pleads guilty to ID theft, CNET 10/3/02
- 'Sweeping' Up After Identity Theft, Newsfactor 8/14/02
- 13,000 Credit Reports Stolen by Hackers, NYT 5/17/02
- ID Thieves Mine For Gold On Jail Sites, MSNBC 5/13/02
- eBay identity theft hits close to home , CNN 2/20/02
- ID Theft, Web Scams Top Complaints, Newsfactor 1/24/02
- ID Theft, Web Auction Fraud Top FTC Consumer Complaints, Wash Tech 1/24/02
- Identity Theft Heads the FTC's Top 10 Consumer Fraud Complaints of 2001, FTC 1/24/02
- NAAG: Protect Yourself From Identity Theft Jan 2002
- Identity Thieves Thrive in Information Age, Washtech 06/01/01
- Social Security numbers at risk on the Net, CNET 5/23/01
- House Panel Looks at How to Stop Identity Theft, Newsfactor 5/23/01
- Radical solutions eyed in Net identity theft battle, USAToday 5/23/01
- Online identity thief caught in New York, CW 3/21/01
- IRS snafu raises fears of identity theft Mercury News , 1/26/01
- FTC To Host ID Theft Workshop Oct 20, 2000 newsbytes
- FTC: Net Contributes To Identity Theft C|NET 8/30
- Net Blamed for Identity Theft Spike InternetNews 8/30
- FTC: Identity theft, tech fraud up, CNN 1/23/2004
- FTC: ID Theft Remains Top Complaint, Wash Post 1/23/2004
|
|
