EUIST

EUIST

Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

ChoicePoint and other mishaps – chronology of security breaches

November 16th, 2006 · No Comments ·

In early 2005 ChoicePoint, a giant data broker that maintains digital dossiers on nearly every adult in the United States, had a disaster. The firm discovered that more than 40 phony businesses (e.g., people masquerading as bill collectors, private investigators, insurance agents and the like) had opened accounts that gave them unfettered, round-the-clock access to the vital data ChoicePoint maintains (we reported about this in ChoicePoint privacy breach – some reflections and economics).

ChoicePoint and similar organizations assemble many records about each person including but not limited to such data as their:

– Social Security number (some countries call it Social Insurance Number), birth date

– driver’s license number,

– license plate numbers of all cars they currently own,

– name of one’s spouse,

– maiden name

– current and previous mailing addresses,

– criminal records if any,

– civil judgments, as well as

– price of every parcel of property a person has ever owned.

But ChoicePoint is not the only culprit as the graphic below shows (see also ChoicePoint – the facts) (click on Login as a guest for free access).

2005-2006 - USA - Timeline - Data protection and security breaches - read and weep

If you cannot view the above graphic get it as jpg file here – 2005-2006- USA- Data protection and security breaches – read and weep

The ChoicePoint example and others above also show that legislation must be enforced, something that seems not to work so well in some EU Member States as the recent Swift example would suggest where European citizens’ rights were clearly violated neither taking the violating banks nor their regulators who failed to step in to taks about it (see here: Swift and how ‘far’ European legislation goes).

In this regard, legislation that forces the company with a security breach to have to inform affected customers such as California SB 1386 is a good step in the right direction because it also allows citizens and prosecuting attorneys to use the court system to defend violations (California SB 1386 – suing organizations for data and security breaches).

See more soon about how Schengen, UK’s National Identity Register and your biometric information stored with the help of RFID technology threatens your privacy.



|

→ No CommentsTags: breaches · choicepoint · insurance · legislation · license · maintains · person · swift