FC: Texas private investigator replies to Robert Gellman on privacy

From: Declan McCullagh (declanat_private)
Date: Thu Mar 28 2002 - 06:06:32 PST

  • Next message: Declan McCullagh: "FC: CBDTPA hits House: Democratic legislator readying companion bill"

    Previous Politech message:
    "No broad U.S. privacy laws costs 'tens of billions,' study says"
    From: "Bill Fason" <wfasonat_private>
    To: <declanat_private>
    Subject: Re: No broad U.S. privacy laws costs "tens of billions," study says
    Date: Thu, 28 Mar 2002 02:13:16 -0600
    Gellman's report "Privacy, Consumers, and Costs" deserves careful scrutiny
    for its computation of  "costs incurred by both business and individuals due
    to incomplete or insufficient privacy protections reach tens of billions of
    dollars every year."
    On the question of identity fraud, he claims that "it is also true that
    extensive and largely unregulated trafficking in personal information -
    typically without consumer knowledge or consent - makes it easier for
    identity thieves to operate."
    The term "trafficking in personal information" is used ten times in
    Gellman's report, and is employed deliberately as if companies such as
    ChoicePoint and Acxiom occupy the same moral plane as, say,  Colombian drug
    cartels.  (In the minds of privacy regulators, perhaps they do.  In 2001
    Privacy International picked out ChoicePoint for opprobrium with its Big
    Brother Award.)  Identity fraud is an appalling problem, as is the woefully
    inadequate response by law enforcement and the financial services sector to
    it.   What exactly is the connection between companies which legally sell
    personal information business-to-business and the commission of identity
    fraud?  Here Gellman assumes too much.  It is commonly estimated that there
    are perhaps half a million cases of identity fraud each year, the media have
    killed many forests on the subject of "internet-related crime," and yet how
    many documented cases of identity fraud have been traced back to data
    obtained from ChoicePoint, Autotrack, or Lexis-Nexis, just to name the three
    most popular and powerful "look-up" services?  The answer is equal to the
    number of towns in Georgia named "Sherman" - zero.  Perpetrators of identity
    fraud tend to obtain information through outright theft, dumpster diving
    (shred your receipts, folks), bribery, company insiders, and scam phone
    calls.  Given the rather low-tech methods employed, it is hard to see how
    the runaway problem of identity fraud can be chalked up as a cost of
    incomplete or insufficient data-protection laws.  Just this week saw the
    sentencing of Felicia V. McFarland, a Auto License Bureau clerk in New York,
    for her role in a scam that used 120 fake non-driver's ID cards to defraud
    merchants.   How would stiffer privacy laws on the private sector prevent
    future DMV clerks from illicitly lining their pockets?  By the way,
    McFarland was sentenced to only 2 1/3 to seven years in prison.
    The crime of identity fraud typically involves the commission of half a
    dozen other federal crimes such as bank fraud, wire fraud, mail fraud, theft
    of mail, misuse of a Social Security Number, and the like.  For a criminal
    determined to commit identity fraud, the violation of an additional law
    against "trafficking in personal information" is of little consequence.  One
    might just as well argue for laws doubling the fines for speeding in a
    getaway car away from a bank robbery, or argue backwards that bank robberies
    are a "cost" of a lack of such laws.
    The fact of the matter is that privacy regulators simply hate companies such
    as ChoicePoint - period.  For them, it does not matter that ChoicePoint's
    online system has been used in zero cases of identity fraud, but has been
    used in countless cases to solves detect fraud.  The perception of
    "internet-assisted identity theft" is ideologically serviceable in a broader
    Fason and Associates
    Investigations & Judgment Enforcement
    1302 Waugh Dr #272
    Houston TX 77019
    vox 713.529.4279  Toll-free 866.865.4705
    fax 713.529.9864
    moderator of USprivacylaw at yahoogroups
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Politech dinner in SF on 4/16: http://www.politechbot.com/events/cfp2002/

    This archive was generated by hypermail 2b30 : Thu Mar 28 2002 - 07:55:34 PST