Shostack + Friends Blog Archive


Choicepoint, March 29-31

  • Alacrablog discusses a Morgan Stanley research report:

    Certainly manageable numbers, but I think the report underplays both the potential growth in these markets prior to these incidents and the rising costs due to increasing regulation of the data brokers.

    There’s also an interesting post rounding up the SIA Anti-Money Laundering conference.

  • The Atlanta Business Journal reports that the Georgia House has passed a notification law.
  • Choicepoint may be developing an access system, according to a March 31 AP story that’s only been picked up by the Kansas City Star (bugmenot has logins):

    “You will receive the reports that we have on you,” Don McGuffey, the firm’s vice president for data acquisition, told the state’s Senate’s Banking, Finance and Insurance Committee on Wednesday.

    It doesn’t seem that they’ll be moving towards the right of correction. Rather, you need to convince whoever reported bad data to correct it, and they will update Choicepoint. (Based on past evidence.) Compare this to credit reporting agencies, who have to include your corrections or disputes. Michael Zimmer has comments as well.

  • Bruce Schneier quotes a Register article:

    Sadly, Congress’s response has been to increase the penalties for identity theft, rather than to regulate access to, and use of, personal data by merchants, marketers, and data miners. Incredibly, the only person with absolutely no control over the collection, storage, security, and use of such sensitive information is its actual owner.

    For this reason, it’s literally impossible for an individual to prevent identity theft and credit card fraud, and it will remain impossible until Congress sees fit to regulate the privacy invasion industry.

  • and Mark Earnest makes a similar point.
  • Finally, today’s Two Minutes Hate Irony is brought to you by “Ayn Rand is my Homegirl,” carrying a press release from

    Executive Alliance, Inc., the premier provider of leadership-recognition forums, today announced that it has named the Distinguished Panel of Judges for the first annual Information Security Executive of the Year (ISE) Midwest Awards(TM) 2005

    The judges panel includes:

    Rich Baich, Chief Information Security Officer Winner of the 2004 ISE in Georgia Award™ ChoicePoint … Leo Cronin, Senior Director, Information Security Finalist of the 2004 ISE National Awards™ LexisNexis Group

    Apparently, UC Berkeley doesn’t have a CSO.

My Choicepoint posts all show up the Choicepoint category archive.