New Legislation to Combat Identity Theft

coondoggie writes to tell us the Washington Post is reporting that new legislation in a numbers of states and the District of Columbia allows consumers to place a "security freeze" on their credit files. "For the millions of consumers who receive notice each year that their personal or financial data was lost or stolen, a preemptive security freeze can offer peace of mind. It blocks businesses and potential fraudsters from gaining access to a consumer's credit report and score and from granting new lines of credit in the consumer's name. In many states, consumers who want to remove the freeze can use a special identification number to unlock access to their credit file."

OK but ...

[ls -la]

... this seems to do absolutely nothing unless you know your credit security has been breached.

Re:OK but ...

[Qzukk]

If you aren't buying a house, car, or a new credit card, you should preemptively freeze your credit and leave it that way.

Re:OK but ...

[LiquidCoooled]

But when you need the credit you need it.
If its as simple as calling the credit agency and supplying another number to them, aren't the criminals just going to start swapping these numbers as well as credit card numbers?

It doesn't stop anything, just introduces a new charge to pay.

Re:

[robert899]

Looked at the new legislation for my home state of New Mexico. You have to pay again to lift the freeze. In my opinion a criminal will move on to an easier target if they have to pay out of their own pocket to open credit in your name.

I think this WILL help.

Re:OK but ...

[KevMar]

I was thinking this exact same thing.

How often in a year do you open new credit lines? There will be times in your life where you need instant access to get new credit lines, also many times where you are settled and would be better off frozen.

At the same time, this prevents nothing and only complicates the process. Thieves will adjust and unfreeze your account. If they have your identity, they are you. what do you do if you dont remmeber your recurity code, you call and have it reset. but you is them in this case. they still got you.

Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.

does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.

Dont get me wrong, I like the idea. but nothing is ever simple.

Re:

[pdbogen]

How often in a year do you open new credit lines?
So far, this year... zero.

Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.
This is the equivalent of putting a lock on my barbecue grill. I don't need to move it anyway- what does it matter if I have the key to the lock, or not?

does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.
They don't need to pull your

Re:

[KevMar]

but what if I lock your barbecue grill shut and you dont see it until you have several guests in town. I deny instant access to use it. now you have to go get tools to break the lock or change your plan for the evening.

As far as ducking from creditors, I was not very clear at all. If you owe lots of bills/child support and leave town, you can prevent them from using your credit report to hunt you down in your new location. I know its a minor thing, but it does get used that way.

My point about asking how

Re:

[Raistlin77]

As far as ducking from creditors, I was not very clear at all. If you owe lots of bills/child support and leave town, you can prevent them from using your credit report to hunt you down in your new location. I know its a minor thing, but it does get used that way.

No, they do not do this. There are plenty of other resources that are not only more readily available, but contain much more information (and the same information) than your credit report would even come close to. Just ask any repo-man.

Re:

[myowntrueself]

but what if I lock your barbecue grill shut and you dont see it until you have several guests in town. I deny instant access to use it. now you have to go get tools to break the lock or change your plan for the evening.

I use an oxy-acetylene torch as a barbecue starter, doesn't everyone?

Re:

[Lehk228]

i use one to do my grilling

Re:

[MarkGriz]

I use an oxy-acetylene torch as a barbecue starter, doesn't everyone?

Wimp... real men use Liquid Oxygen" [youtube.com]

Re:

[jmashaw]

"If you aren't buying a house, car, or a new credit card..." Or a sofa, or a tv or a new dell computer or a personal appliance, or anything else that requires you to use a consumer line of credit. I know you said credit cards... but there is more than that. I think most people would be quite unpleasantly surprised if they were ever to find out how many things are attached to your credit file. While I think this is something good for victims of id theft, it would be too much hassle to go without being able

Re:

[CastrTroy]

Not that you couldn't use credit, but that you couldn't open new credit accounts. I already have a credit card. I don't need another. If I want to buy a computer, or a TV, or a personal applicance, than I'll put it on the credit card I already have. If they don't accept my credit card, then they don't want my business. If my limit is maxed out on that credit card, I need to start paying that off before I buy new things, or have them raise my limit. I can count the number of times i've needed to open a

Re:

[PopeRatzo]

I already have a credit card. I don't need another.

DING DING DING

Why is it that otherwise bright people don't see what kind of royal scam the entire credit culture represents? I'm listening to the radio for the basketball scores from last night and in the last 2-minute commercial break there were THREE spots for a)"repair your credit by buying an out-of-date computer at an inflated price", b) "repair your credit by refinancing your house" and c)for some outfit that will help you negotiate with your credito

Re:

[shaitand]

Give it some time to get out of school. You open more lines of credit than you think. If you have utilities then you have a line of credit for each. The same is true if you are the one who pays for the place you live in, whether you rent or own. Oh yeah, don't forget your cell phone and/or telephone and cable.

This doesn't only block new lines of credit, it also blocks credit checks. That means you better not need to job hunt, transfer utilities, get a new cellphone, get or update insurance, or try to find a

Re:

[TheGavster]

I don't know about you, but my last sofa, tv, and computer were paid for without the use of credit. Credit cards were involved purely for the rewards points; it could have just as easily been accomplished with cash.

Re:

[hedwards]

No, just no. There is really no good reason to preemptively freeze the checks. It can damage your ability to get a new job as well as a new loan. Of the records breached, there is a low number of records that end up being abused. And even then it tends to take quite a bit of time for the stealing to begin.

It is a good policy to wait until the records are amongst a batch stolen. The vast majority of people never have even a single incidence of identity theft, if everyone were to rashly protect their files, t

Re:

[Qzukk]

There is really no good reason to preemptively freeze the checks. It can damage your ability to get a new job as well as a new loan.

Then the employer should say "uh, hey, uh... I need to run a credit check on you" and the person will either release the freeze or tell the employer to find someone else. Likewise, if the loan company wants your business, they'll probably even send you a nice letter with the phone number to call and all.

In most cases it is limited to $50 or so if it is reported in a timely man

Re:

[hedwards]

Then the employer should say "uh, hey, uh... I need to run a credit check on you" and the person will either release the freeze or tell the employer to find someone else. Likewise, if the loan company wants your business, they'll probably even send you a nice letter with the phone number to call and all.


That would be nice. Unfortunately, you really can't count on that. Last time I checked employers were supposed to indicate directly after an interview if an applicant is hired. Waiting for the report to go

Re:

[hazem]

No, just no. There is really no good reason to preemptively freeze the checks. It can damage your ability to get a new job as well as a new loan. Of the records breached, there is a low number of records that end up being abused. And even then it tends to take quite a bit of time for the stealing to begin.

I'm one of the millions of veterans affected when the VA lost all that personal information recently. I got a nice PDF file saying there was nothing to worry about.

What I really want is the ability to free

Re:

[hedwards]

I'm one of the millions of veterans affected when the VA lost all that personal information recently. I got a nice PDF file saying there was nothing to worry about.

What I really want is the ability to freeze my credit. Alas, that is not allowed because I live in Oregon.

And having been possibly exposed you should get it, but for the majority of people that haven't been compromised it is really a poor idea.

Inefficient for who? The credit reporting agencies? I don't have much sympathy for them. If they want to

Or you're paranoid.

[khasim]

Really, how many people who haven't been the victims of fraud are going to spend money AND TIME putting these "freezes" on their records?

Instead, why not "freeze" them by default?

Then if the customer WANTS to open a new credit account, the fee to "unfreeze" can be rolled into the new account.

If the customer wants someone to do a credit check on him, the fee can be rolled into the new account OR paid by the organization doing the check.

Why pass a law that doesn't, by default, protect EVERYONE?

Re:Or you're paranoid.

[morgan_greywolf]

Why pass a law that doesn't, by default, protect EVERYONE?

Exactly whose financial interests would this new law be in?

Now you know why.

Re:

[dave562]

I've often wondered the same thing. When the financial institutions started sending out "Credit Monitoring" services I was incredulous. It's ridiculous that you have to pay extra to have them monitor your credit file for you.

Re:

[pnutjam]

I used Turbo Tax to file my taxes. Afterwards I got a free offer from Experian for some low level of credit monitoring for free. I signed up only afterwards realizing what a great phishing email that could have been. I'm usually savvy enough to pay attention to site redirects and certificates, but it's still easy to be fooled. I'm dissapointed that turbo tax allowed those emails to be sent out.

Re:OK but ...

[morgan_greywolf]

There are credit monitoring services that will watch your credit files for you for a monthly fee. In addition, you can get one credit report for free from each of the 3 major credit bureaus by going to http://www.annualcreditreport.com [annualcreditreport.com].

Brilliant

[morgan_greywolf]

In many states, consumers who want to remove the freeze can use a special identification number to unlock access to their credit file.

Yeah, that's a good idea... So how many ID-Ten-T consumers are going to carry this number around -- in their wallets/purses or leave them unsecured in a filing cabinet? When will legislators get a clue that most people are complete ignorant about the security of almost anything?

Re:

[g_adams27]

> Yeah, that's a good idea... So how many ID-Ten-T consumers are going to carry
> this number around -- in their wallets/purses


Probably close to 0% - why would anyone do that?

or leave them unsecured in a filing cabinet?

Probably a lot, if by "unsecured filing cabinet" you include, say, pretty much anywhere inside a house.

So what's wrong with that?

> When will legislators get a clue that most people are complete
> ignorant about the security of almost anything?

The vast ma

Re:

[FutureDomain]

Mod parent up!

This is a good option. I have never used credit before, but Visa and Mastercard don't know that. If someone who claims to be FutureDomain asks for a credit card and has my information and social security number, they'll happily give them a card because it means another customer. Only when I start getting huge bills do I even know something is wrong. Hey, I can even sign up for a bank account online if I just have my social security number! The bank treats it like an ATM PIN, but many people

Re:

[cyberstealth1024]

mod grandparent up (again)!

Re:Brilliant

[CastrTroy]

At least it gives an option to those of us who have to carry around the other pieces information. It gives us something that can stay secret. Not like the Social Security Number, Date Of Birth, address, and all the other easily obtainable information. At least this is something that people who are interested in the security of their credit information can keep secret.

Re:

[gstoddart]

At least it gives an option to those of us who have to carry around the other pieces information. It gives us something that can stay secret. Not like the Social Security Number, Date Of Birth, address, and all the other easily obtainable information. At least this is something that people who are interested in the security of their credit information can keep secret.

Until, over time, you're required to use that number to prove you're the owner of the friggin' credit card.

All of these mechanism eventually

Re:

[eihab]

I read the article and went ahead an looked up SSN on wikipedia trying to find a hole in your theory.

You are absolutely right, it doesn't necessarily mean that people (like my employer, and my mortgage company) wouldn't require you to provide that secret number.

However, I think it will come down to the implementation and the need for a credit report (I couldn't find that anywhere in the article).

My employer asked for my SSN to report my income to the IRS, that doesn't necessarily mean that they pulled my cr

Re:

[gstoddart]

I cannot (from my point of view) imagine a scenario where you need credit "right now" to accomplish a goal. That would mean (to me that) either you are not capable of managing your finances or that you are living way beyond your means.

That's probably true. But, people apply for credit in all sorts of cases -- sign up for a Sears Card, and receive 10% off your purchase is a prime example.

Besides, credit companies are like drug dealers. They don't care if you're not managing your finances or if you're livin

Un-freeze

[Lawn Jocke]

In many states, consumers who want to remove the freeze can use a special identification number to unlock access to their credit file

That number wouldn't happen to be...

09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

Re:

[deathy_epl+ccs]

(obligatory)

1234?!?!? That's the same as the code on my luggage!

If they are really concerned about ID theft

[geekoid]

They should tell the reporting agencies they have 30 days, and then they have to stop using SSN.

How they fix it it their business.
OTOH, with ID theft becoming more common, reporting agency will eventually be worthless since no one can depend on their reports anymore.

Re:

[snoyberg]

OTOH, with ID theft becoming more common, reporting agency will eventually be worthless since no one can depend on their reports anymore.

The problem is that, relative to the population, ID theft is very uncommon. So therefore, these numbers are accurate in the vast majority of cases, and when they are inaccurate, they indicate that someone is higher risk than they actually are. In other words, there is no increased risk by relying upon these numbers, and most of the time firms won't lose too much business by utilizing them.

Re:

[geekoid]

sure, now.
But what percentage needs to be 'breeched' before reports are considered unreliable? or people who are faced with a high interest rate due to action taken by ID theft sue the agencies?

Re:

[snoyberg]

My guess is that, by themselves, financial firms would trust those numbers for quite a while, even if they knew that about 5% were unreliable (see my previous argument). The idea of suing agencies would at that point probably be the only thing to stop them... if it could be accomplished. Remember, at that points, people have a few things going against them:

1. They are now guilty until proven innocent
2. The people who's scores are trashed and actually care about it are more likely to be poorer than average and

Stop dilly dalling

[LiquidCoooled]

Just give us one time keys.

If I can use a piece of important information only once before it changes then nobody can replay it.

Incidentally, how do you prove you are you to actually put the freeze/unfreeze in place?

ATTN: Security Freeze Cancelation ALERT

[G4from128k]

I wonder how many people will give up their secret security freeze number to phishers?

Re:

[Mattintosh]

That depends on the penalties for a failed unlock attempt. If its federal agents on your doorstep and PMITA-prison time, expect me to fully comply with a phisher, but with fake info. Go ahead. Send him my personal banking data... delivered by the US Marshals.

If, however, this turns out to be toothless (much more likely than the above), poorly implemented (almost a surety), or if violations are ignored by the feds (well, duh), then well, to answer your question, "almost everyone." What can I say? People are

Re:

[Plugh]

I wonder how many people will give up their secret security freeze number to phishers?

Bingo! Laws don't fix problems. No amount of words on paper will make phishers go away. No penalty, no matter how draconian, will change the fact that some people will attempt to defraud others. All more laws do is create more red tape, more bureaucracy, and necessitate that more taxes be spent.

The problem is, legislators and the average voter don't understand this about laws -- they think that the world can be made a

Re:

[Chandon Seldon]

This particular type of legislation actually is helpful. First, it protects people from fraud - one of the a government can obviously legitimately do. Second, it patches a hole in a previous set of laws, which allowed lenders to collect on loans that they gave to third parties in your name.

Easy Solution:

[bit trollent]

Whoever lets someone use a stolen identity to get a loan or credit card or whatever should be responsible for all damages. That means forgiving the loan and restoring the credit of the victim as well as paying damanges if the victim's credit history took a hit.

Seriously, it's not my job to make sure you verify the identity of your clients and I shouldnt have any consequences if you dont do it right.

Also, anybody who loses data used to steal an identity should be responsible for the consequences. If you run over a pedestrian on a sidewalk you pay te medical bills right?

Re:

[Hoplite3]

Amen.

Identity theft is a problem because it works now by blaming the victim. Hold the institution that issued the fraudulent credit accountable and they'll do a better job of securing proper transactions. Seriously, set out what damages I can collect if a bank issues a loan to "me" who isn't me. Once this happens, banks will be much more interested in strong methods for identifying clients and overall bank security could improve as a secondary effect.

Rock.

Re:

[Xzzy]

Won't someone think of the economy?? If merchants or creditors are obligated to take the blame, they'll spend millions to improve their security, or they could lose billions due to fraud, forcing layoffs and destroying society as we know it!

Seriously, it's a good idea, but they got the lawmakers in their pocket. Just like transportation companies are largely exempt from emissions requirements and airlines get government handouts to stay in business, he with the best lobbyists get to make the rules.

Re:

[Lehk228]

actually a fraudulently opened account IS on the issuing agent, unless they can track down the actual person who opened the account.

AND yes you can get that fraudulent account off your credit report

Re:

[zCyl]

Seriously, it's a good idea, but they got the lawmakers in their pocket.

Yeah, well the victims of identity theft probably have the juries in their pocket on this one.

Re:

[LuxMaker]

Also, anybody who loses data used to steal an identity should be responsible for the consequences. If you run over a pedestrian on a sidewalk you pay te medical bills right?

Does this data loss include when a theif breaks into your home and steals your personal info? What about a vindictive ex-spouse who has an ax to grind? Also how do you determine where the data loss occured? I am sure it could be made ambiguous in most cases. I agree with you mostly(your idealogy), but there are some holes that need

Re:

[h4ck7h3p14n37]

I agree with you 100%; hold the creditor responsible for their failure to properly confirm the customer's identity.

The typical objections to this solution is that it will cost the industry too much money to do proper identity verification and that it will inconvenience the customer. I don't care if it costs the industry money as they're currently passing these costs along to the public. As for convenience, what's the big deal about having to show up in person to open a line of credit?

Goverment one step behind

[Applekid]

There's a private company (Lifelock is the one I hear on the radio all the time) that also has the ability to lock down your credit. No new legislation required, it would seem. Of course, that costs money so maybe this legislation just enables individuals to lock their credit at the taxpayer's expense.

This is also supposed to stop those pre-approvals that constantly clog up your mailbox... (well, mine at least.)

Re:

[jafiwam]

What?

One scam, built upon another scam?

Who gave the three agencies the right to hold this data over my head like a sledgehammer? I certainly don't remember signing anything. Ever try to get something _fixed_ in one of them?

Some scam front company owned or run by the same group wants me to now pay to fix the completely unaccountable and completely open to fraud "credit reporting business" to close off what is let's face it, a simple database lookup that they already charge a hundred bucks to do in the first

Re:

[epine]

I totally agree. When the credit reporting agencies give out bogus information about a person's credit worthiness because of false and unsubstantiated allegations placed on their credit record by shady entities, the credit reporting agency is commmitting an act of libel, and should be sued for it. Newspapers get sued all the time for printing false information of less import to the person concerned? When, exactly, did the credit reporting agencies cut themselves this giant loop-hole on the normal working

I use cash for most of my purchases

[Anonymous Coward]

Yes, I've gone back to cold, hard cash. Sure, I keep a credit card for emergency purposes (road break-downs and such), but I don't really use it much. I don't buy things over the Internet, and yep, I check my listed credit history with the credit bureaus. [mailto]

New Laws! Hallelujah!

[Illbay]

We ALL now how much better "protected" we are after our politicians pass NEW LAWS to protect us!

What is it, something like 20,000 separate laws "controlling" the ownership and use of guns, yet we still get VaTech?

And, of course, whenever those don't work, why, we'll just PASS MORE LAWS!

How great to be a politician, where you're never graded on what you actually do, just what you SAY.

Re:

[g_adams27]

> We ALL now how much better "protected" we are after our politicians pass NEW LAWS
> to protect us! What is it, something like 20,000 separate laws "controlling" the
> ownership and use of guns, yet we still get VaTech?

What a bizarre conflation of two extremely different types of legislation! That's got to be the strangest justification for not passing new laws that I've seen in a long time.

Let me conflate this legislation with another law that's not as wildly dissimilar as gun control law

Re:

[Illbay]

Bottom line: Pass all the laws you want. Won't make a whole lot of difference, I think. Crooks'll find ways to circumvent any roadblocks you put in the way.

But that won't stop Congressman "X" and Senator "Y" from standing together in the Oval Office, posing for the cameras while the President signs their bill.

I repeat: Politicians are seldom judged on what they DO, only for their stated intentions.

So vote for "X" and "Y".

Personal info should be private by default

[mmdog]

I could make a very long winded post about this, but what I believe is really very simple: all personal info should be private by default.

Any time anyone wants any of of my personal info, be it SS#, Credit Report, phone number, address, email address, et al. they should be required to get my authorization before it can be released or even used. Kinda like medical/health info except done a lot more robustly. I'd go so far as to advocate serious jail time for individuals who abuse my personal info, for instance all the laptops that various government agencies manage to lose. I'd hope the threat of years in a federal penitentiary would do the trick.

I'm not holding my breath, but it pisses me off to no end that I have to maintain so much of a defense of my information.

Re:

[panaceaa]

If that were the case, how would you even make a post to Slashdot? Would it always be anonymous? Unfortunately, anonymous posting breaks all the anti-spam efforts of Slashdot, since you can't differentiate people with established accounts from malicious users. So let's say you log in, what are you logging into? You supply your username and password, but is Slashdot even allowed to look up your user ID? That's personal information. Or what about remembering a link to your blog in your signature? Even

Re:

[neo1piv14]

I think by personal information he meant SSN, Address, Phone Number, important info like that. You guys can know my slashdot nick all you want. I think the system is already BSed anyways. On the back of my Social Security Card, it says that you CANNOT use that card for purpose of identification. However, even at a college I have been asked to show that card as proof that I am me. If a government funded college can do that, what's to stop a bank from giving that out, or a telemarketing company paying for my

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[grommit]

Simple, the credit freeze has nothing to do with existing accounts. Hence, you won't get locked out of your accounts.

Wait. Wouldn't that violate free speech?

[Palmyst]

http://yro.slashdot.org/article.pl?sid=07/05/08/12 22239 [slashdot.org]

Oh yeah....

[iknownuttin]

More "legislation" to correct a problem.

And what lobbyists were in on this "legislation"? Hmmmm, do you think the credit bureaus and the banks? Hmmmm????

Sorry, whenever there's "Legislation" I automatically think that the industry lobbyists wrote it.

Re:

[Anonymous Coward]

Actually, the 3 credit bureaus fought it. They argue that when Joe Blow walks into his neighborhood Ford dealership and wants to walk out with a car, he'll have to wait if his credit report is frozen. It can take a few business days to unlock it temporarily. The 3CBs argued that having to wait to make a purchasing decision / apply for new credit would hurt the consumer.

Re:

[awarlaw]

Actually, I don't think it would hurt the consumer. It would actually hurt the dealership/sale more. It would really give time for "buyers remorse".

-Aa

Re:

[Bearhouse]

Not just the lobbyists. Politicos demonstrate their existance and supposed itility by passing legislation. When was the last time you heard of one of them shouting about how they'd repealed some now-useless law?

It's all about, 'oh no, this [insert lastest scam here] is scandalous!!!!! Here's my proposed fix!!!! Vote for me!!!!'

Another poster here had it right - give people who either lose or steal your data 20 years...should concentrate the minds a little.

A More In-Depth Look Here

[tsu doh nimh]

The Post also ran a much longer, more in-depth piece looking at the process of passing freeze legislation in Delaware, easily the most banking- and business-friendly state in the union. That piece is here [washingtonpost.com]

One highlight, which looks at the role of the Consumer Data Industry Association (CDIA), the lobbyist group that works for the data broker industry and the credit bureaus:

"Goldberg, who has worked with advocates in more than a dozen states to enact freeze legislation, said that in 2005 the CDIA and the credit-reporting agencies shifted their strategy. They no longer were outright opposed to credit-freeze laws; instead, they worked to convince states to allow the bureaus to charge as much as possible when consumers place, lift or remove credit freezes. "The credit reporting agencies clearly want consumers to pay more for the security freeze than we certainly think they should," Goldberg said. "But given that those same agencies collect all of this sensitive financial data about consumers and then turn around and sell it, we think they should also have the obligation to protect the consumer, and that's where the security freeze comes in.

Why does this problem still exist?

[StandardCell]

I'm still amiss as to how people can still get their personal data stolen and their lives ruined by thieves in this way. To me, the biggest problem is the credit reporting agencies themselves who are very anti-consumer. By that, I mean they will very easily and quickly put on a bad credit remark, but are slow to remove it if it's a mistake. Even then, the whole idea of verifying identity in financial transactions is very loose to these guys who only require a name and SSN.

This is one of the problems that requires long-overdue federal legislation to remedy. It needs to consist of the following:

* Complete elimination of the use of SSNs by non-governmental agencies to track individuals, including employers and insurers
* Disallowing tracking numbers for enumeration of individuals to remain the same across any two or more private organizations
* Requirement of independently-verifiable photo and/or hashed/digitally-signed/analog biometric verification of the purchaser for large purchases on credit (not all of the above necessarily - even an original copy of a fingerprint plus a photograph of the person with the contract would be sufficient)
* Increased onus on creditors to prove that the alleged debtor was, in fact, the person responsible for the purchase or transgression in question via the identification as above
* Severe criminal penalties (up to life imprisonment) and civil penalties ($250,000 or triple the value of the offense, whichever is greater, per offense) for those who purposely attempt to steal identities, subvert the security measures for the purpose of identity theft, or facilitate the reporting of false information on debtors for which adequate steps have not been taken to verify identity
* Mandatory FIPS-based security for the storage of personal information
* Withholding of derogatory credit information that is in dispute during the time that affected individuals are making a proper challenge to said derogatory information

Do all of that, and what you'll find is that this problem will vaporize overnight. It won't prevent other problems such as outright credit card theft (for which there are separate solutions anyway), but it will cut this problem off where it needs to be cut off.

Re:

[ISoldat53]

Also make the credit reporting companies liable for the cost of the purchase if credit is denied based on faulty credit information.

Trash

[Mephistophocles]

This law, quite frankly, is a load of bullshit. It just doesn't accomplish anything. Sure, I can freeze my report but any thief worth his salt will steal the passcode if/when he steals my identity. I'm also awfully skeptical of the fact that you actually have to pay something to freeze the report. That sounds a little like blackmail - my report can be accessed and I'm subject to identity theft unless I pay this company a fee to protect my information? (Sort of like, you know, keeping potentially detrimental

Re:

[g_adams27]

> This law, quite frankly, is a load of ****.
> It just doesn't accomplish anything. Sure, I can freeze my report
> but any thief worth his salt will steal the passcode if/when he steals my identity.

You might have a point if it was simply possible for a thief to call up the 3 credit bureaus and say "Hi, my name is, uh, Mephistophocles and could you give me my credit report freeze code PIN? Great, thanks, bye."

Fortunately, it's not that simple. Here in NC, to enact a freeze, you have to co

Re:

[Mephistophocles]

That's true, and I should emphasize that I'm not saying that this legislation makes things worse than they are now. However, remember that a thief could accomplish everything you listed simply by breaking into my house and finding my paper records (or by accessing my credit report now, before it's "frozen" - not difficult, or possibly even by stealing my mail, for that matter). He could also potentially get all of that information online (granted, that would take some serious work but it could be done). Now

Re:

[profplump]

I don't have a non-PO box mailing address. I do have a physical address if I call the fire department, but I can't get USPS mail there. Somehow I don't think you've though your cunning little plan all the way through.

Hardly News

[littlewink]

I've had a 7-year credit freeze for more than 5 years. This isn't something new - it's always been available to someone whose identity has been stolen.

It should be free.

[Palmyst]

Why does it take $10 to flag a row in a database table as being "frozen"?

Re:

[Anonymous Coward]

Why does it take $10 to flag a row in a database table as being "frozen"?
Because it costs money to print out the request, place it on a wooden table, snap a photo, scan it into the computer, and generate an HTML-overloaded email sent to the Hotmail account of the minimum-wage data entry clerk through the insecure "proxy server" (read: phishing trap) over in Russia.

Re:

[44BSD]

Because that row just became $10 less valuable to the credit bureaus if they have to actually do any work to unlock it before selling access to it. As a matter of law, they OWN that info, so naturally they are going to object to anything that interferes with their right to use their own property. So would you.

Whether they *should* have a property right in personal financial information about others is an entirely separate question. My answer is "no" ;^).

Here's a novel idea...

[Chabil Ha']

How about creating systems whereby peoples' identities aren't stolen in the first place. How about not using a single unique identifier (SS#) to conduct all business, et all. This only addresses things after the fact.

Here's a better plan

[aegl]

The real problem is that banks etc. are willing to open new accounts on the flimsiest of evidence of whether the customer really is who they say they, often just because they are able to quote a social security number.

So why not pass a law that says that banks are responsible for all the debt racked up in such accounts. That might focus the banks minds a little on making sure that the customer really is who (s)he says (s)he is.

Then just to make it really clear that the government would like everyone to

What about the cops!?!

[toy4two]

Sure this is great if your identity is stolen to use your credit to rip some business off. But it does NOTHING to prevent people from using your identity when pulled over for a traffic ticket. It happened to me. Here in California all you need to do is tell a cop you don't have your ID, then give them someone else's information so they can run through the computer, when it checks out, they write that person a ticket with the other person's name. That person drives off scot free and a few monthes later y

Re:

[Marrow]

So they were...

Driving without a license.
Driving without proof of ID
Driving without proof of Insurance

Driving a car not registered in your name. Was the car stolen too?

They make you sign the ticket right? Signatures dont match whats on record;
the have an image of that right? They have an image of your face from DMV
right..and these great cars cannot receive an image?

So who's car were they in?

Re:

[toy4two]

All questions I brought up to the police in Berkely. According to the police this person was driving the passenger's car, the passenger supplied the insurance and registration and the car was registered in her name, it was not a stolen car. So he ran her insruance and registration and ran the "driver's information" which happened to be mine. The license plate number was written on the ticket as well as the make and model of the car, a Mazda 626. The first thing I had to do was fax them a copy of my sign

Re:

[Marrow]

Lying to a police officer is a crime.
Identity theft is a crime.

There is probable cause to believe that the passenger was involved.
She heard the driver give the officer a false identity right?
Maybe enough to question her.

She knew the driver, would you let a stranger drive your car?
Or she was under duress. Is the passenger still alive? Maybe
this was a carjack. Maybe the passenger is in trouble.

Once they have identified the correct identity of the driver,
then you should pursue criminal charges. Then you ca

Yes, actually. The cat does got my tongue.

[Impy the Impiuos Imp]

Wait for it...

3...

2...

1...

0...

"Hello, US Credit Agency? Someone locked my account and set up a password for it without my permission. What do I do?"

Re:

[The Cisco Kid]

Who the f*** decided that sentences on the Internet shall no longer be formatted with two spaces after a period?!

Two-spaces-after-a-period is an old mechanical typerwriter thing that has long been obsoleted by modern word processors and modern print fonts and is entirely irrelevant in electronically represented text.

How about...

[CrowbarKing]

Send multiple Arnold Schwarzenegger clones back in time to help recover your stolen identity.

Did Microsoft Consult?

[rossz]

This sounds so much like how Microsoft handles security. Make something so intrusive and such a pain to use, that no one uses it. Then you can blame the user/consumer for failing to use the available security.

Someone else suggested making the credit companies responsible for the losses. Personally, I think we should make the credit _reporting_ companies responsible. I guarantee you they will implement a reasonable security solution rather quickly if that happened. When they could end up paying for a $1

Band aid over an artery wound

[gorbachev]

The real solution is to completely overhaul the information broker industry and move to a system where the subject of the credit information has total control over who gets to access the data. That's how it should've been from the get go.

That's going to happen about at the same time hell freezes over though, because it would mean no profits for the information thieves.

What about the employers....

[Khyber]

...that check your credit history before deciding to hire you? Would a freeze on your accuont unfairly deny you a job because your shit got stolen?

Why Fees?

[aldheorte]

Sounds like in many cases you have to pay for the privilege of having your credit protected. Why should we have to pay a for-profit company money to secure our credit?

I have always thought this could be solved easier

[syntap]

We need federal legislation signed making credit card companies or any organization extending credit civilly and criminally liable for identity theft. In other words if someone under the guise of you opened a Citibank VISA account in your name and rung it up, Citibank could then be sued by you and/or prosecuted for extending credit to someone whose identity was not properly verified.

THEN you'd see some changes taking place. Instead of "oops, sorry" they'd be faced with saying "oops, here's six million for our mistake."

I mean, these guys own the system. They make money off us from their ownership of it. They should be responsible for securing it.

In other words

[Opportunist]

...when you're stealing someone's identity now from a database, be sure to also steal the unlock key.

credit freeze

[generic7]

There seems to be a lot of confusion about Credit Freeze. Many states do offer it for free. http://www.creditlock.com/ [creditlock.com] has organized credit freeze relevant information, fees, procedures, etc... in a very convenient system, initiated through an interactive map. It is complimentary to members, and membership is negligeable. Hopefully, if a federal law is ultimately passed, all such requirements will be streamlined....

All the credit agencies already do this.

[sallgeud]

I've had mine locked for about 18 months now. When I went to buy my new house, I had to call up and let them know to allow it in. Two of them had methods to perform these actions online, the other had a phone number that was about as easy as the national do-not-call list.

Already Law?

[AUDIOMIND]

Doesn't the FCRA [ftc.gov] already allow for this?

Re:

[Applekid]

And they both represent states outside of the contiguous 48.

I guess the majestic beauty of Alaska and the lovely Pacific Ocean surfing holidays really helps out people's perspectives. I recommend both to everyone. B)

Re:

[eneville]

about time

i was going to post on here, but it seems someone has changed my password.