ChoicePoint -- What We Learned from Our Screw-up

xpangler points out an article in Baseline magazine in which "ChoicePoint's lead privacy & compliance executives talks about the 'more than 30' new practices and procedures the company has put in place since it mistakenly sold private data on 163,000 people to Nigerian criminals last year."

Now they need to do quality control

[meburke]

ChoicePoint is an aggregator. As much as 20% of their data could be inaccurate. Employers (for instance) make decisions based on ChoicePoint data, even though ChoicePoint "suggests" that they independently verify the accuracy of any negative reports. (Of course, it may work the other way also: 20% inaccuracy suggests that ChoicePoint will give subscribers false positive data, too.) Is this important? Well, Baseline Magazine wrote a nice article on this last year, http://www.baselinemag.com/article2/0,1540,1825320 ,00.asp
http://www.baselinemag.com/article2/0,1540,1825287 ,00.asp
and I was really impressed with the fact that a Home Depot employee spent a week in jail for crimes he did not commit.

Security is only half of it; Accuracy is the other half.

Re:Non-US?

So they're keeping the data out of countries where it would be legally protected, and ensuring that it is only held and accessed in the USA. That would be a country where:

- There is no privacy legislation that has teeth, and

- The government can ask for the data without any real reason and make it illegal to reveal that the data was turned over.

Feel safe, my American colleagues. (Take that pill if it helps).

Do you ever wonder why foreign citizens won't do business with your companies? Why the Canadians won't let your companies process their data? Why the EU is a bit jumpy about transmitting airline passenger data to you?