What to do with leftover customer data?

• Tweet

July 1st, 2009 - Posted by Caitlin

Verified Identity Pass was a privately owned company that offered a service called Clear, which was designed to help air travelers get through airport security checks faster by vetting their identities and backgrounds in advance. On June 21, Verified Identity Pass announced that, for financial reasons, it would be ceasing operations. The abrupt closure has raised serious concerns about the customer data collected by the company. Stored information includes fingerprints, iris scans and digital images for roughly 260,000 customers. While this registered travel program was privately owned, it was authorized by the TSA, which required the service to record full legal names, home addresses, dates and places of birth, genders, heights, driver's license numbers, passport details and other information for all customers.

Bennie Thompson, the chairman of the House Committee on Homeland Security, has given the Transportation Security Administration until July 8 to explain how the agency plans to ensure the security of all this data. The TSA is in the process of putting together a response to this question, and in the meantime, claims that Clear is appropriately safeguarding the collected data. Verified Identity Pass assures customers that their information is being stored in conformance with the TSA's security and privacy requirements. But the data has yet to be deleted, leaving open the possibility that it could be sold or passed on to a third party, if the intention is to use it for another registered travel program.

As long as our personal information is out there, beyond our control, it is wise to invest in identity theft protection.

Consumers Union wants to know what you think about credit card reform

• Tweet

July 1st, 2009 - Posted by Caitlin

Consumers Union has created CreditCardReform.org, which provides news updates and explanations to ensure that readers understand how credit card reform effects their financial situations, as well as a wealth of tips to help readers use credit responsibly.

In the months before the new protections outlined in the latest legislation go into effect, Consumers Union is attempting to monitor the various tactics that credit card companies sometimes use against cardholders. If your credit card provider adds a new fee, raises an existing fee, increases your interest rate, closes your account, lowers your credit limit, or takes away your rewards, they'd like to hear your story.

To learn more about credit cards or to find a credit card that's right for your financial situation, check out our reviews and comparison charts.

Good news for identity thieves – it's legal for states to post Social Security numbers online

• Tweet

July 1st, 2009 - Posted by Robert Siciliano

Robert Siciliano is a NextAdvisor.com Expert Guest Blogger

B.J. Ostergren is a proud Virginian. She's known as "The Virginia Watchdog," but I like to call her "The Pit Bull of Personal Privacy." She is relentless in her efforts to protect citizens' privacy, and she is primarily concerned with the posting of personal information online. So in order to make this point, she finds politicians' personal information on their own states' websites, and republishes that information online.

Publicly appointed government employees known as Clerks of Courts, County Clerks or Registrars are responsible for handling and managing public records, including birth, death, marriage, court, property and business filings for municipalities. Every state, city and town has its own set of regulations determining how data is collected and made available to the public.

The Privacy Act of 1974 is a federal law that establishes a code of fair information practices governing the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies.

Over the years, many have interpreted this law to allow public information, including Social Security numbers, to be posted online. I've seen Social Security numbers for Jeb Bush, Colin Powell, former CIA Director Porter Goss, Troy Aiken, and Donald Trump, all published on the Internet.

Years ago, B.J. discovered that several states, including her home state of Virginia, were posting our records online, and she immediately saw how this could contribute to identity theft. She has downloaded as many as 22,000 Social Security numbers from deeds, mortgages, tax liens from the websites of circuit courts, registers of deeds and secretaries of state. She made a concerted effort to inform each agency that what they were doing was unethical, at the very least, and possibly even criminal. But she was often rebuked. That's when she decided to fight back. When government agencies stopped listening, she started posting politicians' personal information on her own website, "The Virginia Watchdog." This certainly attracted the attention of officials, but it also created a backlash against her.

Some states resolved the issue by redacting the Social Security numbers, but Virginia did not. B.J. persisted in informing them of the problem and, as the Richmond Times Dispatch put it, "the state decided that the person who brought the problem to their attention was the problem."

A 2008 Virgina state law prohibited disseminating information taken from public records, and thus, prohibited B.J. from posting publicly available information on her own website. So legally, it was okay for the County Clerk to do it, but nobody else was allowed. U.S. District Court Judge Robert E. Payne recently ruled that this 2008 state law is a violation of First Amendment rights. It's a win for B.J., but this doesn't resolve the initial privacy issue.

So how does this impact you? This means that while you can do everything possible to protect yourself from fraud and identity theft, your local government may be circumventing your security efforts by posting your personal data online. B.J.'s fight has led to the resolution of some issues and prompted some states to redact data, but the battle is far from over.

Visit B.J.'s site, The Virginia Watchdog, to become more informed about one woman's quest to point out what's wrong and to fight for what's right.

You can attempt to protect yourself from new account fraud by setting up a credit freeze, or fraud alerts, which provides an extra layer of protection. And consider making an investment in identity theft protection. Because when all else fails, you'll have someone watching your back.

Robert Siciliano, identity theft speaker, discusses Social Security numbers.

[youtube]http://www.youtube.com/watch?v=fqoHSACQ34U[/youtube]

Robert Siciliano is CEO of IDTheftSecurity.com , an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of 2 books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Uni-Ball to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.