New Legislation to Combat Identity Theft 124
coondoggie writes to tell us the Washington Post is reporting that new legislation in a numbers of states and the District of Columbia allows consumers to place a "security freeze" on their credit files. "For the millions of consumers who receive notice each year that their personal or financial data was lost or stolen, a preemptive security freeze can offer peace of mind. It blocks businesses and potential fraudsters from gaining access to a consumer's credit report and score and from granting new lines of credit in the consumer's name. In many states, consumers who want to remove the freeze can use a special identification number to unlock access to their credit file."
OK but ... (Score:2, Redundant)
Re:OK but ... (Score:5, Interesting)
Re:OK but ... (Score:4, Insightful)
If its as simple as calling the credit agency and supplying another number to them, aren't the criminals just going to start swapping these numbers as well as credit card numbers?
It doesn't stop anything, just introduces a new charge to pay.
Re: (Score:1)
I think this WILL help.
Re:OK but ... (Score:5, Insightful)
How often in a year do you open new credit lines? There will be times in your life where you need instant access to get new credit lines, also many times where you are settled and would be better off frozen.
At the same time, this prevents nothing and only complicates the process. Thieves will adjust and unfreeze your account. If they have your identity, they are you. what do you do if you dont remmeber your recurity code, you call and have it reset. but you is them in this case. they still got you.
Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.
does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.
Dont get me wrong, I like the idea. but nothing is ever simple.
Re: (Score:2)
So far, this year... zero.
Now it opens up another way your ex can harras you. They call up as you and freeze your credit line with a code you dont know.
This is the equivalent of putting a lock on my barbecue grill. I don't need to move it anyway- what does it matter if I have the key to the lock, or not?
does it also prevent your credit report from getting pulled? that sounds like a nice way to hide from creditors you owe money too.
They don't need to pull your
Re: (Score:3, Informative)
As far as ducking from creditors, I was not very clear at all. If you owe lots of bills/child support and leave town, you can prevent them from using your credit report to hunt you down in your new location. I know its a minor thing, but it does get used that way.
My point about asking how
Re: (Score:1)
No, they do not do this. There are plenty of other resources that are not only more readily available, but contain much more information (and the same information) than your credit report would even come close to. Just ask any repo-man.
Re: (Score:2)
I use an oxy-acetylene torch as a barbecue starter, doesn't everyone?
Re: (Score:2)
Re: (Score:2)
Wimp... real men use Liquid Oxygen" [youtube.com]
Re: (Score:1)
Re: (Score:2)
Re: (Score:3, Insightful)
DING DING DING
Why is it that otherwise bright people don't see what kind of royal scam the entire credit culture represents? I'm listening to the radio for the basketball scores from last night and in the last 2-minute commercial break there were THREE spots for a)"repair your credit by buying an out-of-date computer at an inflated price", b) "repair your credit by refinancing your house" and c)for some outfit that will help you negotiate with your credito
Re: (Score:2)
This doesn't only block new lines of credit, it also blocks credit checks. That means you better not need to job hunt, transfer utilities, get a new cellphone, get or update insurance, or try to find a
Re: (Score:2)
Re: (Score:1)
It is a good policy to wait until the records are amongst a batch stolen. The vast majority of people never have even a single incidence of identity theft, if everyone were to rashly protect their files, t
Re: (Score:2)
Then the employer should say "uh, hey, uh... I need to run a credit check on you" and the person will either release the freeze or tell the employer to find someone else. Likewise, if the loan company wants your business, they'll probably even send you a nice letter with the phone number to call and all.
In most cases it is limited to $50 or so if it is reported in a timely man
Re: (Score:1)
That would be nice. Unfortunately, you really can't count on that. Last time I checked employers were supposed to indicate directly after an interview if an applicant is hired. Waiting for the report to go
Re: (Score:2)
I'm one of the millions of veterans affected when the VA lost all that personal information recently. I got a nice PDF file saying there was nothing to worry about.
What I really want is the ability to free
Re: (Score:1)
What I really want is the ability to freeze my credit. Alas, that is not allowed because I live in Oregon.
And having been possibly exposed you should get it, but for the majority of people that haven't been compromised it is really a poor idea.
Inefficient for who? The credit reporting agencies? I don't have much sympathy for them. If they want to
Or you're paranoid. (Score:5, Insightful)
Instead, why not "freeze" them by default?
Then if the customer WANTS to open a new credit account, the fee to "unfreeze" can be rolled into the new account.
If the customer wants someone to do a credit check on him, the fee can be rolled into the new account OR paid by the organization doing the check.
Why pass a law that doesn't, by default, protect EVERYONE?
Re:Or you're paranoid. (Score:5, Insightful)
Exactly whose financial interests would this new law be in?
Now you know why.
Re: (Score:3, Insightful)
Re: (Score:2)
Re:OK but ... (Score:5, Informative)
Brilliant (Score:3, Interesting)
Yeah, that's a good idea... So how many ID-Ten-T consumers are going to carry this number around -- in their wallets/purses or leave them unsecured in a filing cabinet? When will legislators get a clue that most people are complete ignorant about the security of almost anything?
Re: (Score:3, Interesting)
> this number around -- in their wallets/purses
Probably close to 0% - why would anyone do that?
or leave them unsecured in a filing cabinet?
Probably a lot, if by "unsecured filing cabinet" you include, say, pretty much anywhere inside a house.
So what's wrong with that?
> When will legislators get a clue that most people are complete
> ignorant about the security of almost anything?
The vast ma
Re: (Score:1)
This is a good option. I have never used credit before, but Visa and Mastercard don't know that. If someone who claims to be FutureDomain asks for a credit card and has my information and social security number, they'll happily give them a card because it means another customer. Only when I start getting huge bills do I even know something is wrong. Hey, I can even sign up for a bank account online if I just have my social security number! The bank treats it like an ATM PIN, but many people
Re: (Score:1)
Re:Brilliant (Score:4, Interesting)
Re: (Score:2)
Until, over time, you're required to use that number to prove you're the owner of the friggin' credit card.
All of these mechanism eventually
Re: (Score:1)
You are absolutely right, it doesn't necessarily mean that people (like my employer, and my mortgage company) wouldn't require you to provide that secret number.
However, I think it will come down to the implementation and the need for a credit report (I couldn't find that anywhere in the article).
My employer asked for my SSN to report my income to the IRS, that doesn't necessarily mean that they pulled my cr
Re: (Score:2)
That's probably true. But, people apply for credit in all sorts of cases -- sign up for a Sears Card, and receive 10% off your purchase is a prime example.
Besides, credit companies are like drug dealers. They don't care if you're not managing your finances or if you're livin
Un-freeze (Score:1, Funny)
That number wouldn't happen to be...
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Re: (Score:2)
(obligatory)
1234?!?!? That's the same as the code on my luggage!
If they are really concerned about ID theft (Score:4, Funny)
How they fix it it their business.
OTOH, with ID theft becoming more common, reporting agency will eventually be worthless since no one can depend on their reports anymore.
Re: (Score:3, Informative)
OTOH, with ID theft becoming more common, reporting agency will eventually be worthless since no one can depend on their reports anymore.
The problem is that, relative to the population, ID theft is very uncommon. So therefore, these numbers are accurate in the vast majority of cases, and when they are inaccurate, they indicate that someone is higher risk than they actually are. In other words, there is no increased risk by relying upon these numbers, and most of the time firms won't lose too much business by utilizing them.
Re: (Score:2)
But what percentage needs to be 'breeched' before reports are considered unreliable? or people who are faced with a high interest rate due to action taken by ID theft sue the agencies?
Re: (Score:1)
My guess is that, by themselves, financial firms would trust those numbers for quite a while, even if they knew that about 5% were unreliable (see my previous argument). The idea of suing agencies would at that point probably be the only thing to stop them... if it could be accomplished. Remember, at that points, people have a few things going against them:
Stop dilly dalling (Score:4, Interesting)
If I can use a piece of important information only once before it changes then nobody can replay it.
Incidentally, how do you prove you are you to actually put the freeze/unfreeze in place?
ATTN: Security Freeze Cancelation ALERT (Score:5, Insightful)
Re: (Score:2)
If, however, this turns out to be toothless (much more likely than the above), poorly implemented (almost a surety), or if violations are ignored by the feds (well, duh), then well, to answer your question, "almost everyone." What can I say? People are
Re: (Score:2)
Bingo! Laws don't fix problems. No amount of words on paper will make phishers go away. No penalty, no matter how draconian, will change the fact that some people will attempt to defraud others. All more laws do is create more red tape, more bureaucracy, and necessitate that more taxes be spent.
The problem is, legislators and the average voter don't understand this about laws -- they think that the world can be made a
Re: (Score:2)
This particular type of legislation actually is helpful. First, it protects people from fraud - one of the a government can obviously legitimately do. Second, it patches a hole in a previous set of laws, which allowed lenders to collect on loans that they gave to third parties in your name.
Easy Solution: (Score:5, Insightful)
Seriously, it's not my job to make sure you verify the identity of your clients and I shouldnt have any consequences if you dont do it right.
Also, anybody who loses data used to steal an identity should be responsible for the consequences. If you run over a pedestrian on a sidewalk you pay te medical bills right?
Re: (Score:3, Insightful)
Identity theft is a problem because it works now by blaming the victim. Hold the institution that issued the fraudulent credit accountable and they'll do a better job of securing proper transactions. Seriously, set out what damages I can collect if a bank issues a loan to "me" who isn't me. Once this happens, banks will be much more interested in strong methods for identifying clients and overall bank security could improve as a secondary effect.
Rock.
Re: (Score:2)
Seriously, it's a good idea, but they got the lawmakers in their pocket. Just like transportation companies are largely exempt from emissions requirements and airlines get government handouts to stay in business, he with the best lobbyists get to make the rules.
Re: (Score:2)
AND yes you can get that fraudulent account off your credit report
Re: (Score:2)
Yeah, well the victims of identity theft probably have the juries in their pocket on this one.
Re: (Score:1)
Does this data loss include when a theif breaks into your home and steals your personal info? What about a vindictive ex-spouse who has an ax to grind? Also how do you determine where the data loss occured? I am sure it could be made ambiguous in most cases. I agree with you mostly(your idealogy), but there are some holes that need
Re: (Score:2)
I agree with you 100%; hold the creditor responsible for their failure to properly confirm the customer's identity.
The typical objections to this solution is that it will cost the industry too much money to do proper identity verification and that it will inconvenience the customer. I don't care if it costs the industry money as they're currently passing these costs along to the public. As for convenience, what's the big deal about having to show up in person to open a line of credit?
Goverment one step behind (Score:4, Interesting)
This is also supposed to stop those pre-approvals that constantly clog up your mailbox... (well, mine at least.)
Re: (Score:2)
One scam, built upon another scam?
Who gave the three agencies the right to hold this data over my head like a sledgehammer? I certainly don't remember signing anything. Ever try to get something _fixed_ in one of them?
Some scam front company owned or run by the same group wants me to now pay to fix the completely unaccountable and completely open to fraud "credit reporting business" to close off what is let's face it, a simple database lookup that they already charge a hundred bucks to do in the first
Re: (Score:2)
I totally agree. When the credit reporting agencies give out bogus information about a person's credit worthiness because of false and unsubstantiated allegations placed on their credit record by shady entities, the credit reporting agency is commmitting an act of libel, and should be sued for it. Newspapers get sued all the time for printing false information of less import to the person concerned? When, exactly, did the credit reporting agencies cut themselves this giant loop-hole on the normal working
I use cash for most of my purchases (Score:1, Interesting)
New Laws! Hallelujah! (Score:3, Insightful)
What is it, something like 20,000 separate laws "controlling" the ownership and use of guns, yet we still get VaTech?
And, of course, whenever those don't work, why, we'll just PASS MORE LAWS!
How great to be a politician, where you're never graded on what you actually do, just what you SAY.
Re: (Score:2)
> We ALL now how much better "protected" we are after our politicians pass NEW LAWS
> to protect us! What is it, something like 20,000 separate laws "controlling" the
> ownership and use of guns, yet we still get VaTech?
What a bizarre conflation of two extremely different types of legislation! That's got to be the strangest justification for not passing new laws that I've seen in a long time.
Let me conflate this legislation with another law that's not as wildly dissimilar as gun control law
Re: (Score:2)
But that won't stop Congressman "X" and Senator "Y" from standing together in the Oval Office, posing for the cameras while the President signs their bill.
I repeat: Politicians are seldom judged on what they DO, only for their stated intentions.
So vote for "X" and "Y".
Personal info should be private by default (Score:5, Insightful)
Any time anyone wants any of of my personal info, be it SS#, Credit Report, phone number, address, email address, et al. they should be required to get my authorization before it can be released or even used. Kinda like medical/health info except done a lot more robustly. I'd go so far as to advocate serious jail time for individuals who abuse my personal info, for instance all the laptops that various government agencies manage to lose. I'd hope the threat of years in a federal penitentiary would do the trick.
I'm not holding my breath, but it pisses me off to no end that I have to maintain so much of a defense of my information.
Re: (Score:2)
Re: (Score:1)
Comment removed (Score:4, Insightful)
Re: (Score:2)
Wait. Wouldn't that violate free speech? (Score:1)
Oh yeah.... (Score:2, Interesting)
And what lobbyists were in on this "legislation"? Hmmmm, do you think the credit bureaus and the banks? Hmmmm????
Sorry, whenever there's "Legislation" I automatically think that the industry lobbyists wrote it.
Re: (Score:2, Interesting)
Re: (Score:1)
-Aa
Re: (Score:2)
It's all about, 'oh no, this [insert lastest scam here] is scandalous!!!!! Here's my proposed fix!!!! Vote for me!!!!'
Another poster here had it right - give people who either lose or steal your data 20 years...should concentrate the minds a little.
A More In-Depth Look Here (Score:5, Interesting)
One highlight, which looks at the role of the Consumer Data Industry Association (CDIA), the lobbyist group that works for the data broker industry and the credit bureaus:
"Goldberg, who has worked with advocates in more than a dozen states to enact freeze legislation, said that in 2005 the CDIA and the credit-reporting agencies shifted their strategy. They no longer were outright opposed to credit-freeze laws; instead, they worked to convince states to allow the bureaus to charge as much as possible when consumers place, lift or remove credit freezes. "The credit reporting agencies clearly want consumers to pay more for the security freeze than we certainly think they should," Goldberg said. "But given that those same agencies collect all of this sensitive financial data about consumers and then turn around and sell it, we think they should also have the obligation to protect the consumer, and that's where the security freeze comes in.
Why does this problem still exist? (Score:5, Insightful)
This is one of the problems that requires long-overdue federal legislation to remedy. It needs to consist of the following:
* Complete elimination of the use of SSNs by non-governmental agencies to track individuals, including employers and insurers
* Disallowing tracking numbers for enumeration of individuals to remain the same across any two or more private organizations
* Requirement of independently-verifiable photo and/or hashed/digitally-signed/analog biometric verification of the purchaser for large purchases on credit (not all of the above necessarily - even an original copy of a fingerprint plus a photograph of the person with the contract would be sufficient)
* Increased onus on creditors to prove that the alleged debtor was, in fact, the person responsible for the purchase or transgression in question via the identification as above
* Severe criminal penalties (up to life imprisonment) and civil penalties ($250,000 or triple the value of the offense, whichever is greater, per offense) for those who purposely attempt to steal identities, subvert the security measures for the purpose of identity theft, or facilitate the reporting of false information on debtors for which adequate steps have not been taken to verify identity
* Mandatory FIPS-based security for the storage of personal information
* Withholding of derogatory credit information that is in dispute during the time that affected individuals are making a proper challenge to said derogatory information
Do all of that, and what you'll find is that this problem will vaporize overnight. It won't prevent other problems such as outright credit card theft (for which there are separate solutions anyway), but it will cut this problem off where it needs to be cut off.
Re: (Score:2, Interesting)
Trash (Score:2, Insightful)
Re: (Score:2)
> This law, quite frankly, is a load of ****.
> It just doesn't accomplish anything. Sure, I can freeze my report
> but any thief worth his salt will steal the passcode if/when he steals my identity.
You might have a point if it was simply possible for a thief to call up the 3 credit bureaus and say "Hi, my name is, uh, Mephistophocles and could you give me my credit report freeze code PIN? Great, thanks, bye."
Fortunately, it's not that simple. Here in NC, to enact a freeze, you have to co
Re: (Score:1)
Re: (Score:2)
Hardly News (Score:1)
It should be free. (Score:1)
Re: (Score:1)
Because it costs money to print out the request, place it on a wooden table, snap a photo, scan it into the computer, and generate an HTML-overloaded email sent to the Hotmail account of the minimum-wage data entry clerk through the insecure "proxy server" (read: phishing trap) over in Russia.
Re: (Score:2)
Whether they *should* have a property right in personal financial information about others is an entirely separate question. My answer is "no"
Here's a novel idea... (Score:2)
Here's a better plan (Score:2, Insightful)
So why not pass a law that says that banks are responsible for all the debt racked up in such accounts. That might focus the banks minds a little on making sure that the customer really is who (s)he says (s)he is.
Then just to make it really clear that the government would like everyone to
What about the cops!?! (Score:2, Interesting)
Re: (Score:3, Insightful)
Driving without a license.
Driving without proof of ID
Driving without proof of Insurance
Driving a car not registered in your name. Was the car stolen too?
They make you sign the ticket right? Signatures dont match whats on record;
the have an image of that right? They have an image of your face from DMV
right..and these great cars cannot receive an image?
So who's car were they in?
Re: (Score:1)
Re: (Score:2)
Identity theft is a crime.
There is probable cause to believe that the passenger was involved.
She heard the driver give the officer a false identity right?
Maybe enough to question her.
She knew the driver, would you let a stranger drive your car?
Or she was under duress. Is the passenger still alive? Maybe
this was a carjack. Maybe the passenger is in trouble.
Once they have identified the correct identity of the driver,
then you should pursue criminal charges. Then you ca
Yes, actually. The cat does got my tongue. (Score:1)
3...
2...
1...
0...
"Hello, US Credit Agency? Someone locked my account and set up a password for it without my permission. What do I do?"
Re: (Score:2)
Two-spaces-after-a-period is an old mechanical typerwriter thing that has long been obsoleted by modern word processors and modern print fonts and is entirely irrelevant in electronically represented text.
How about... (Score:3, Funny)
Did Microsoft Consult? (Score:2)
Someone else suggested making the credit companies responsible for the losses. Personally, I think we should make the credit _reporting_ companies responsible. I guarantee you they will implement a reasonable security solution rather quickly if that happened. When they could end up paying for a $1
Band aid over an artery wound (Score:2)
That's going to happen about at the same time hell freezes over though, because it would mean no profits for the information thieves.
What about the employers.... (Score:2)
Why Fees? (Score:2)
I have always thought this could be solved easier (Score:3, Insightful)
THEN you'd see some changes taking place. Instead of "oops, sorry" they'd be faced with saying "oops, here's six million for our mistake."
I mean, these guys own the system. They make money off us from their ownership of it. They should be responsible for securing it.
In other words (Score:2)
credit freeze (Score:1)
All the credit agencies already do this. (Score:2)
I've had mine locked for about 18 months now. When I went to buy my new house, I had to call up and let them know to allow it in. Two of them had methods to perform these actions online, the other had a phone number that was about as easy as the national do-not-call list.
Already Law? (Score:1)
Re: (Score:2)
I guess the majestic beauty of Alaska and the lovely Pacific Ocean surfing holidays really helps out people's perspectives. I recommend both to everyone. B)
Re: (Score:1)