Slashdot Mirror
Government To Fix Identity Theft?
Cobb writes "With nearly 50 million identities compromised in the last 6 months, the powers that be are gearing up to fix the problem. 'Prosecutors and privacy experts say that what America needs is a coordinated national strategy. While 15 states require companies to tell consumers if their data has been compromised, there's still no national law.' A new study joins a host of other statistics -- some private, some government-sponsored -- attempting to quantify the size of the ID theft problem. There is no universal agreement on the size of the problem, on the way to count the victims, or even on how to define identity theft."
The so called solution turns out to become much worse than the original problem.
Perhaps if banks and merchants would control credit a little better we might not have as much of a problem. They could start by not sending credit card offers to my dog.
[Insert pithy quote here]
I hope they don't form all these comittees, have all these meetings, and make a national law that makes it mandatory for companies to tell us our information has been stolen. It would be better if they passed laws that held these companies more financially responsible for these identify thefts. That would help them beef up security. I think...
"That's not ironic, it's just mean!" - Bender
It is silly that someone can committ such fraud just because they collect some numbers (SSN, phone, address, Credit Card, Driver's License, Passport). What we need is a system where simply possessing the numbers does not allow for fraud. The solution probably has something to do with biometrics. Of course, criminals will work against that too, but I just don't see how we can legislate ID theft into submission.
Logic would dictate that your information is private BY DEFAULT, as in other enlightened countries.
The only way to fix the problem is not to have all these laws after the fact, but to stop the sharing at the source. For example, you sign-up at a bank for a new account. You cannot at that time ask for you information not to be shared. You must call up later and say:
1) I don't want my information shared to third-parties.
2) I don't want my information shared to afflilated companies.
3) I don't want any offers, etc.
If you miss one your screwed. Just think of all the things you've registered for where your information is flying around. It's absolutely unstoppable.
I'd love to do a credit freeze on my account, but in Texas you can only do that AFTER you prove to the credit companies that your a victim of identity-theft. That's like handing out a condom after rape.
The credit-bureaus snap back that without access to the sea of "metadata" people won't get all these advertisements for low-interest lows and crap like that. Makes me want to puke.
Maybe we can change out our SSN#s every so often, but otherwise I assume having your identity stolen will be common-place in 5 to 10 years.
Peace out!
Happy 4th.
"This isn't a study in computer science, its a study in human behavior"
Yep, that'll help. Except for all those criminals who don't obey the law.
Right. So why don't we just make everything legal, hm?
Ronald Reagan was right, the most frightening words in the English language are "Hi, I'm from the government, and I'm here to help."
In many cases the government can and should help. If people are stealing, then I want the government to use its powers to stop them.
The reason identify theft is the fasteest growing problem is that a lot of crimes that used to be called something else is now called identify theft.
Someone steals your credit card number and orders porn? That's no longer credit card fraud, that's identity theft.
Someone forges a check against your bank account for porn? That's no longer check fraud, that's identity theft.
Somebody ordering a pizza in your name, because they can't afford porn? That's no longer a phone prank, that's identity theft.
Nearly all economic crime can now be classified as identity theft. Nearly all is being so classified.
It's impossible to tell how much of a problem there is, at this point. We're all too distracted by watching the sky falling.
Identity "theft" is not the fault of the offended party, so why should they have to spend their resources fixing it?
The best idea yet is that unless the creditor can prove that you authorized any purchases made on your account, then they have to eat it. It is the creditor's job to make sure they know who to whom they are giving credit. It is then ultimately their responsibility to track down identity thieves. If their internal policies are so lax, that they don't know their customers from a hole in the ground, then they need to shape up. I think that this policy is the only way to get them to fix these problems, by hurting their bottom line.
The biometrics biz doesn't want you to know, but biometrics suck.
Even if one were to develop a much better biometric system, there are serious drawbacks. Any biometric key is really just a password that cannot be changed, even if the password has been compromised, or even if the whole system has been cracked wide open.
Suppose someone invents a "foolproof" retinal scanner system, which is deployed at every point-of-sale terminal in the US. All credit card transactions are verified with the retinal scanner. A year later, someone figures out a way to imprint retinal holograms on contact lenses, or finds some other circumvention. Now if someone gets his hands on your retinal data, your financial life is completely hosed, forever, or at least until you convince the powers-that-be to trade in $50 billion worth of retinal scanners for updated models. You can't call the credit card company and ask for a new retina.
As ever, security is really more about attitude than about devices. An awful lot of dollars worth of credit card fraud, for example, would be stopped cold if store clerks bothered to just check the signatures on credit card slips.
The next step is to limit sharing of personal information; this is something that some states have achieved.
Make sure that lists are opt-in. Businesses must ask personal permission at all times.
Higher penalties for stealing mail or other personal information that is used for wrong purposes.
Require online businesses to use secured connections for better protection.
Hold banks, credit card, loan agencies, etc. accountable for credit history fuckups.
Require timetables on identity theft resolutions; have businesses pay for it.
Fine companies for losing personal information.
If this does not work, let people buy cheap guns and shoot mother fuckers who commit or contribute to identity theft. Why should people sit in silence if credit card industry gets a fat profit that is growing from year to year? Make those fuckers responsible for their fuckups.
but no one will want to do it.
Apply the same privacy and security standards to financial institutions that HIPAA requires.
I went to work on a PC at a doctors office, it was the machine that contains patient records.
That machine was forbidden from being connected to the internet in ANY way what-so-ever and was forbidden from being connected to their inhouse LAN.
The STAND ALONE machine had a modem in it but it was only allowed to connect to a certain system through a single dial-up line.
No other use of the machine was permitted. It had no disc drives so it was not possible for employees to install stuff from home or to copy things from it.
The machine was pretty damn isolated from the outside world.
Of course that will never happen with financial institutes because they WANT these things to happen, that way the people will cry for more security. And they will get it, with Orwellian security like retina scans and sooner or later, DNA scans, like in the movie GATTACA
Personally, I have no financial anything. I don't use banks at all in any form. I have no credit, I have no savings or checking accounts, I have no credit cards.
I live strictly by cash alone. Everything I own is paid for. I pay utility bills with green cash, in person at the local grocery store. I owe no one for anything.
You want to steal my identity? I don't give a shit, go ahead, I don't use it anyway..
I can say that the system is definitely screwed. All I'm doing is living my life, and due to some fool with a penchant for living other people's lives, I had to spend WEEKS trying to convince people that I'm not Ms. L. Kennedy. This despite the fact that I'm also not a woman.
The debt collectors are out for one thing - collection. If you have been wrongly listed as the person responsible for a payment, they want nothing to do with you.
Stupid system...
In many cases the government can and should help. If people are stealing, then I want the government to use its powers to stop them
Trust me, there's a big difference between the beauracratic drones from Federal agencies and your local beat cop. It's pretty obvious which type was being referenced.
Mod parent up, I ran out of points to use.
I never thought of it that way, but you are 100% correct. Of course the problem is their is nothing I can do, since this is jsut the way things work now. There is no switch that says "I will not be doing any credit like things in the next year" anywhere.