Monday, April 02, 2007

FTC Testifies on Identity Theft, Social Security Numbers

An FTC official told the Senate Judiciary Committee Subcommittee on Terrorism, Technology, and Homeland Security on March 21 that “government and the private sector must continue to work together to reduce the opportunities for thieves to obtain consumers’ personal information and make it more difficult for thieves to misuse that information if they obtain it. “

Lydia Parnes, Director of the FTC Bureau of Consumer Protection, urged government and business to evaluate whether they needed to collect and maintain consumer data, better-protect the data they possess, and develop better ways to authenticate customers to keep identity thieves from using the information they steal.

Efforts to Protect Sensitive Information

According to FTC testimony, since 2001 the Commission has filed 14 actions against businesses that failed to reasonably protect sensitive consumer information. The FTC also participated in an Indentity Theft Task Force that was established by the President to develop a comprehensive national strategy for fighting identity theft.

Further, the Commission made “substantial efforts to increase consumer and business awareness of the importance of protecting data and taking other steps to prevent identity theft.” An identity theft primer was developed by the agency and was made available in print and on the agency’s web site. More than two million copies of the primer was developed by the agency. The web site version has been accessed more than 2.4 million times.

In addition, the agency has developed consumer education resources, such as “Avoid ID Theft: Deter, Detect, Defend,” and an identity theft training kit for use by businesses, community groups, and other entities.

Misuse of Social Security Numbers

The testimony noted that misuse of consumers’ social security numbers (SSNs) could facilitate identity theft. The challenge was to “find the proper balance between the necessity of keeping SSNs out of the hands of identity thieves, while giving businesses and government sufficient means to match information to the correct purpose.

Preventing the misue of SSNs could follow two paths. First, the unnecessary use and disclosure of SSNs as an identifier could be reduced. The Identity Theft Task Force was working toward this goal. Second, improved methods of authenticating consumers could be promoted so that SSNs are less valuable, even if they fell into the hands of an identity their. In furtherance of this goal, the FTC will host an authentication workshop on April 23 and 24, 2007.

No comments: