Language Selection

English French German Italian Portuguese Spanish

Congress urged to boost identity theft safeguards

Filed under
Security

It takes only a few seconds for your financial identity to be stolen, but months to get it back and clean up the credit mess. Aware of consumers' frustration and fear, the government wants Congress to consider more protections.

Lawmakers should look at strengthening laws that govern the way companies store and use sensitive consumer data, the Federal Trade Commission recommended at a Senate hearing Thursday.

The agency's chairwoman, Deborah Platt Majoras, also endorsed the idea of a law requiring companies to tell consumers about a security breach when there is significant risk of identity theft.

California has a law that requires such notification; many other states are considering following suit.

Nearly 10 million people fall victim to identity theft annually, costing consumers $5 billion in out-of-pocket losses and businesses $48 billion, according to the FTC.

The nonprofit Identity Theft Resource Center estimates the average victim spends 600 hours trying to clear up credit problems. The center, based in San Diego, helps people recover from the crime.

Identity theft has become even more alarming for consumers in recent months with disclosures of data losses or possible breaches at CitiFinancial, Time Warner Inc., Wachovia Corp. and Ameritrade Holding Corp.

At the hearing, Majoras announced a settlement with BJ's Wholesale Club in a case the FTC said led to the theft of credit and debit card data involving thousands of customers. The data was used, the agency said, to make millions of dollars in illegal purchases.

BJ's, based in Natick, Mass., will not have to pay a fine. The company agreed to submit to outside security audits for 20 years and tighten protection of customer information.

``This information is like gold. It's as valuable as money these days and it ought to be treated that way,'' said Sen. Charles Schumer, D-N.Y., before the hearing by the Senate Commerce, Science and Transportation Committee.

Schumer and Sen. Bill Nelson, D-Fla., have introduced an identity theft bill that would require notification and higher security standards for personal data, such as encryption. Schumer also said the bill would impose fines on companies of up to $1,000 per customer violated.

Consumers Union, the publisher of Consumer Reports magazine, supports tougher security standards for companies as well as federal and state notification laws.

``What we're hearing from consumers really is a fear that even if they're doing everything right, they can still become a victim,'' said Susanna Montezemolo, a policy analyst with the group.
Experts say banks and other companies can do more.

``Without any question, some of the incidents that have occurred underscore the need for encryption, particularly when you're transmitting information electronically or tapes by delivery,'' said Rick Fischer, who has spent more than 30 years advising banks and other financial institutions on data security and privacy issues.

Associated Press

More in Tux Machines

Servo Night Builds Begin, Linux Packages Coming

The Mozilla developers working on the Servo browser layout engine and the Browser.html HTML-based web UI have kept to their goal of making a tech preview available in June. As of last night, the Servo developers hit their tech preview milestone we've been looking forward to seeing for months. Nightly builds of Servo and Browser.html have begun and they are going to be making available Linux packages shortly. Read more

Android Leftovers

Leftovers: OSS

  • Modern open source systems management
    Open source IT systems management is undergoing a renaissance. Adopters include global, household-name enterprises, as well as a groundswell of IT operations teams that are borrowing flexible, collaborative practices from the Agile software development movement. Some open source IT systems management tools are familiar to most admins, with broad adoption -- think Nagios or the Elasticsearch, Logstash and Kibana stack. Others -- Docker is a prime example -- burst onto the scene recently and are shaking up IT deployments.
  • Code Alliance connects nonprofits with tech volunteers
    Code Alliance is a Benetech initiative that connects technology professionals to volunteer opportunities with open source software projects for social good. On the first day of the CHI4GOOD conference, we brought over 40 projects to the San Jose Convention Center to participate in a hack4good Day of Service event. More than 100 developers, UX designers, and researchers came together to help our nonprofit cohort with their technological needs. The nonprofits benefitted from expert technical development work, and the volunteers were gracious, skilled, and excited to leverage their professional skills to give back.
  • Nonprofit's Open Source Designs Reduce Cost Barriers for Startups
    A project that originated in "The Middle of Nowhere, Missouri," as the founders call it, aims to lower the barrier to entry across a number of industries, all while maintaining a sustainable footprint. It's called Open Source Ecology (OSE), the brainchild of Marcin Jakubowski, founder of the Factor E Farm in Missouri where OSE is based.
  • The Open Building Institute - A Sustainable Way to Build Modular Housing
  • Open Building Institute is revolutionizing sustainable home building through open-source technologies
  • Pulp Smash Introduction
    Pulp Smash is a functional test suite for Pulp. It’s used by the Pulp developers and Pulp QE team on a daily basis. It’s implemented as a GPL licensed pure Python library, and getting started is as simple as installing Python and executing the following...
  • How Oracle’s business as usual is threatening to kill Java
    Stop me if you've heard this one before: Oracle has quietly pulled funding and development efforts away from a community-driven technology where customers and partners have invested time and code. It all seems to be happening for no reason other than the tech isn't currently printing money. It's a familiar pattern for open source projects that have become the property of Oracle. It started with OpenSolaris and continued with OpenOffice.org. And this time, it's happening to Java—more specifically to Java Enterprise Edition (Java EE), the server-side Java technology that is part of hundreds of thousands of Internet and business applications. Java EE even plays an integral role for many apps that aren't otherwise based on Java. For months as Oracle Corporation's attorneys have battled Google in the courts over the use of Java interfaces in Android's Davlik programming language, Oracle's Java development efforts have slowed. And in the case of Java EE, they've come to a complete halt. The outright freeze has caused concerns among companies that contribute to the Java platform and among other members of the Java community—a population that includes some of Oracle's biggest customers.
  • Friday's security updates

Openwashing