[Vision2020] Fw: [Ed Foster's GripeLog] Congress Moves Toward Weaker Identity TheftLaws

Art Deco deco at moscow.com
Mon Jun 12 10:13:08 PDT 2006


----- Original Message ----- 
From: "Ed Foster" <foster at gripe2ed.com>
To: "Edfoster" <edfoster at gripe2ed.com>
Sent: Monday, June 12, 2006 9:27 AM
Subject: [Ed Foster's GripeLog] Congress Moves Toward Weaker Identity 
TheftLaws


> ========================================
> ED FOSTER'S GRIPELOG
> The Reader Advocate Column
> ========================================
>
> Congress Moves Toward Weaker Identity Theft Laws
>
> Monday, June 12, 2006
> By Ed Foster
>
> While it appears unlikely our Congress is going to do anything about
> immigration, gas prices, or the deficit anytime soon, as early as this
> week it might very well take action on another sore point for many
> Americans: privacy and identity theft. But, wouldn't you just know it,
> the approach our elected representatives seem most attached to is one
> that -- instead of strengthening privacy protection -- will actually
> deprive consumers of the most effective privacy protections we now have.
>
> With last Friday's disclosure of a long unreported Department of Energy
> data leak coming so soon after the massive Veteran Affaiars security
> breach, the pressure on Congress now to do something about privacy and
> data theft will surely be irresistible. A wide array of bills have been
> kicking around in the Senate and the House for months, including some we
> discussed earlier
> (http://www.gripe2ed.com/scoop/story/2006/2/14/03520/4905) that would
> replace strong laws in California and other states requiring that
> consumers be notified of security breaches involving their personal
> information.  Instead, most of these bills would pre-empt the state laws
> with a much weaker disclosure requirement that would leave it up to the
> organization that exposed your data to decide if the risk of identity
> theft is great enough to bother notifying you.
>
> As if that's not bad enough, observers expect a different bill that goes
> even further in weakening effective state privacy laws could be voted on
> by the House as early as this week.  H.R. 3997, the Financial Data
> Protection Act of 2006, will deliver a new level of protection all
> right, but it is protection for the financial institutions whose
> security failures put us at risk for identity theft.
>
> The really odd thing is that the House would consider H.R. 3997 a
> response to the VA case, as that theft is a good example of how the
> law's loopholes would let companies avoid notifying their customers of
> serious data breaches involving their data. "Under H.R. 3997, if a
> company does not know whether the theft puts individuals at risk for
> identity theft, it does not have to notify them," says Gail Hillebrand,
> senior attorney for Consumers Union. "Since the identity and purposes of
> the thief who took the VA laptop are unknown, the loopholes in 3997
> would let a private company in a similar situation say they don't know
> if consumers are at risk, so they don't have to tell."
>
> What's even worse, though, is that the law would also deprive citizens
> of some states of an effective countermeasure they can now take when
> they suspect they are a victim of identity theft. Seventeen states have
> already enacted security freeze laws that allow all consumers to put a
> freeze on their credit report files, thus stopping identity thieves from
> opening fraudulent accounts with the information they've stolen. It's
> one of the first things privacy experts suggest you do when you suspect
> your personal information has been exposed.
>
> The Financial Data Protection Act specifically pre-empts these security
> freeze laws, instead limiting credit freezes to consumers who are
> already known victims of identity theft. That makes almost no sense as a
> way of protecting consumers, because the security freeze is a preventive
> measure that's best used before stolen information is abused. If 3997
> were the law of the land right now, the 26 million veterans whose social
> security numbers were lost would not have the right to put a security
> freeze on their credit files. They would have to wait until they were
> victims -- what kind of "financial data protection" is that?
>
> Now, if you're a little confused as to why Congress would be so
> attracted to the idea of replacing effective state laws on identity
> theft with weak federal ones, then you just haven't been paying much
> attention to how your government works. It is of course the banks,
> databrokers, and other financial institutions whose indifferent security
> practices keep exposing our personal information that don't want to have
> to notify us when it happens. And it is of course the credit bureaus,
> credit card companies, etc. who don't want us to be able to freeze our
> credit files just because identity thieves might have our information.
> So we're talking about a lot of big companies with a lot of influence -- 
> i.e., money -- that they can spread around our nation's capital.
>
> H.R. 3997 has a number of other problems that make it by far the worst
> of the bills Congress is considering. You can read more about what
> Consumers Union thinks of the different bills -- and how you can express
> your concerns to your federal and state representatives -- at CU's
> FinancialPrivacyNow.org website. You might also want to consider
> visiting their privacy campaign's donation page
> (http://www.consumerreports.org/cro/donate/finpriv/home.htm), just in
> case you'd like to provide a bit of counterweight to the financial
> institutions' lobbying dollars.
>
> While Consumers Union believes that some of the bills before Congress
> might be close enough to make for a reasonable compromise with the
> tougher state laws, I personally hope that the feds will simply not pass
> any new laws. Our state privacy laws are already working pretty well,
> and they're getting more effective as more states catch on. So let's
> hope that Congress simply does nothing. Fortunately, along with sticking
> their palms out, doing nothing seems to be the one thing at which all
> our Congresspersons excel.
>
> ========================================
>
> Read this column on-line and post your comments at
> http://www.gripe2ed.com/scoop/story/2006/6/12/13439/5219 or write me
> directly at Foster at gripe2ed.com.
>
> ========================================
>
> Recently in my weblog:
>
> An Invite to a Symantec Bash
> Symantec has lately been going through something of a rough patch, if
> you'll pardon the expression. With Microsoft taking aim at its core
> market at the same time that security holes in Symantec's corporate
> products have been coming to light, it seems like everybody's been
> picking on them. And that's certainly all the invitation Gripe Line
> readers need to join the fun, so let me kick off this bash by offering
> another of my periodic collections of recent Symantec gripes from readers.
> http://www.gripe2ed.com/scoop/story/2006/6/6/0313/50169
>
> Hyperbowl DRM Still Making Kids Sad
> While the Microsofts, Symantecs, HPs and Dells make many appearances in
> the Gripe Line, one repeat performer I wouldn't have expected is
> software game vendor Hyperbowl. A couple of years ago I wrote about
> Hyperbowl's product activation depriving one reader's child of a
> favorite game. Unfortunately, a recent message from another reader shows
> that Hyperbowl has not changed its ways.
> http://www.gripe2ed.com/scoop/story/2006/6/8/161240/0441
>
> Earl Weaver on IT Management
> When you think about it, IT managers are really in the business of
> managing how their organizations change. How, for example, do you plan
> for an emerging technology like SaaS which might fizzle or might force
> you to throw out the book on everything you thought knew about IT. Well,
> there's a new book out that can give you some pointers on how to do so
> from some of the all-time great managers, such as Earl Weaver.
> http://www.gripe2ed.com/scoop/story/2006/5/29/0249/11582
>
> ========================================
>
> Copyright 2006 Ed Foster's GripeLog.  You are granted permission to
> forward this column to friends who would have an interest in this topic.
> To subscribe or unsubscribe to this newsletter, please visit:
> http://www.gripe2ed.com/mailman/listinfo/edfoster
>
> _______________________________________________
> Edfoster mailing list
> Edfoster at www.gripe2ed.com
> http://www.gripe2ed.com/mailman/listinfo/edfoster
>
> 



More information about the Vision2020 mailing list