In effort to combat identity theft, which experts say is on the rise, a new California law will require companies to notify their customers if their personal digital data, including name and social security number, driver’s license number or credit card number and password, has been stolen or acquired by an unauthorized person. Affected customers will either be notified with a letter or e-mail.
The law allows consumers to sue if they are harmed as a result of a security breach and not notified.
Reuters reported that “privacy advocates and security experts said the law was sorely needed because most security breaches involving customer data are never disclosed.”
“We know of several cases where a security breach had not been disclosed to individuals who later found they were victims of identity theft or could have been victims,” said Beth Givens, directory of the Privacy Rights Clearinghouse, a nonprofit group in San Diego, California.
“The last thing companies want to do is publicly disseminate information about security breaches, particularly companies that are fiduciaries of people’s information, like banks and health-care providers,” said Mark Rasch, former head of the computer crimes unit at the U.S. Department of Justice and chief security counsel at Solutionary, a security services firm.
“Most of them don’t tell their customers” because of the potential for adverse publicity, he said.
The law requires organizations and governmental agencies to comply as well.
(via Reuters)
1 response so far ↓
Bernard Louberssac // Sep 28, 2004 at 10:06 pm
I’m a victim of Identity Theft, I thought I was taking all necessary measures to don’t end up as a victim But I quickly realized that Credit Card Company, Insurance, Retail Store, Telephone Company, etc… So many needs to have a database with all your personal information’s to allow you to do business with them.
The data base include:
Name (First, Middle and Last)
Address
Telephone number
Social Security Number
Date & Place of Birth
However the way they handle your information’s make too easy for Thief’s to embezzle money.
I am wondering why Credit Card Companies, financial Institutions… are not liable to make sure your information are well protected.
Recently, I have contacted my Best Buy Store Account to talk about fraudulent activity on my account. There bank, Household Bank sends me letters and I did follow up with them.
But I asked them to set up a password on my account to prevent other individual to access my accounts.
They agreed on it.
Today, when I call them I was able to access my account without any security question been asked, not even my social Security number. I complain about it and they transfer me to a Supervisor that told me that is not any more company policy?
How do you expect to protect yourself?
Sprint PCS keep allowing people opening account with my name but refuse to discuss about the account with me.
I offer all creditor my help and assistance to catch the individual responsible But I can’t get access to investigators or information’s on the case and more times pass that give me less chance to have access to Security Video or located the individual.
I am really frustrated to see how hopeless it is.
Please tell me that I have options and can make them responsible for the situation that they put me in.
Bernard Louberssac
You must log in to post a comment.