According to Information Week, Vietnamese criminals posing as a U.S.-based private investigator successfully tricked Experian into selling them social security and driver’s license numbers, bank account and credit card data and birth dates. Experian is one of the three main global information services groups in the world. Avivah Litan is a fraud and security research analyst at Gartner, an American information technology research and advisory firm, and helps put the Experian data breach into context.
Litan calls for a radical change in the way we are sharing consumer data. She discusses how encryption does not even work anymore and that it can be bypassed by governments and even criminals. Encryption is the process of encoding information in such a way that only those who are allowed to view the information can read it.
Credit Card companies have done a good job in their efforts to prevent fraud. Brooke brings up how we occasionally get a phone call from our bank asking us if we actually made a purchase. It shows that they are giving an effort. But as Litan discusses, when it comes to identity data, there is no private sector mechanism that can creative incentives to stop the theft.
Avivah Litan was discussing that things that used to be private are not anymore. Things like bills, addresses and credit history are not just know by you. We think that using encryptions keep our information safe. But the government wants a backdoor entry to get past these encryptions, so our mothers maiden names, and first pet, high school mascot questions four our protection are no longer helpful and safe. If the government is using a backdoor to encryptions then criminals absolutely are. This means that encryptions are now a thing of the past. They are no longer working in the consumers’ favor.
Currently there is very little that can be done about your personal information being with data brokers. Essentially our entire financial history is with these companies. Some data brokers have put up pages on their sites to remove personal information. This is not an easy process though. Notarized documents, and signed information must be sent into the company, which gives them much more information than they already have. The consumer then has to trust that the company will not use the new information and take down what is currently available. It is a lot of work, and it could put you at greater risk for identity theft.
Brian discussed something that this nation is lacking is a National Data Breach Disclosure Law. It would create privacy and protection for consumers against fraud and information disclosure. Currently 48 states and the District of Columbia have enacted laws requiring data companies to alert consumers if there is a breach in data security. He feels that a law like this is truly an issue that would get bipartisan support.
Why is this breach of data happening so easily?
When it comes to alerting the consumer, why don’t data brokers work as efficiently as banks and credit card companies?
Do you think that there should be a National Data Breach Disclosure Law?