With recent events (Choicepoint, Bank Of America, PayMaxx, and Lexis Nexis) leading to a new privacy law for the United States, what should it say? How can we tell a good law from a bad one? Some disclaimers: I’m not entirely in favor of a new law. There’s a lot of potential for harm when…Read More New American Privacy Law: What Could It Say?
Harry Weber of the Associated Press is looking to talk to Choicepoint employees. Email him at email@example.com He’s been covering the story since it broke. The readers of Chief Security Officer Online have spoken, and not one opposes more disclosure laws. (As of noon, Thursday.) Bruce Schneier asks why Choicepoint seems to be saying “Please…Read More Choicepoint Roundup, March 10
The American Banker has a long story about how some regulations from GLB are now five years behind schedule: Ironically, both bankers and consumer advocates panned the agencies when they proposed guidelines on identity theft prevention in August 2003. The 25-page guidelines were based on Section 501 of the Gramm-Leach-Bliley Act of 1999, which required…Read More Financial Privacy Regulations, 5 Years Behind?
To follow up to my post on Terror Suspects and Firearms, I’d like to take a moment to rail against the Kafka-esque implementation of “watch lists” in the United States. For the FBI, or other investigative or intelligence agencies, to have lists of “interesting people” makes perfect sense. You’ll always have people who you suspect…Read More More on Watch Lists
Tara Wheatland has a long post Un-Spinning the ChoicePoint Scandal. (Via Personal Democracy Forum.) Local TV station WXIA Atlanta says ChoicePoint Management Under Fire Not actually Choicepoint, but DSW Shoes and Seisint, makers of the massively overhyped MATRIX database for law enforcement have both announced breaches. I wonder when the attackers are going to start…Read More Choicepoint Roundup, March 9
Today’s roundup takes a different turn with more about privacy-invasive infrastructures. Also, previous scammer gets 5½ years, and Choicepoint appoints a new officer to deal with compliance and credentials. Deep in the Heart of … France discusses the move to hosted applications, and ties in Choicepoint as an example of the new security issues, like…Read More Choicepoint Roundup, March 8
Saturday’s New York Times reports (thanks Alex for the pointer): Lt. Ronnie Williams, project director of the Southern California Identity Theft Task Force, which is investigating the ChoicePoint case, said that the breach was brought to his agency’s attention in late October, and that on Nov. 23, the agency asked the company to delay notifying…Read More Choicepoint Roundup, March 7
The Atlanta Journal Constitution contains the first MSM discussion I’ve seen of Derek Smith losing his job over this. Evan Hendricks of Privacy Times has a good article in the Washington Post, discussing who owns data, how we’ve gotten here. Axel, of Balrog.de comments “that ChoicePoint does NOT state in that Form 8-K that they…Read More Choicepoint Roundup, March 6
My big question for the day: When Choicepoint announced a re-screening of their small business customers, that segment was 5% of their $900m revenue. Today’s announcement of closing that segment is $15-20m, or about 2%. So it seems that the exceptions that they list in their 8K account for 60% of their small business sales.…Read More Choicepoint Roundup, March 5
The focus of today’s roundup is “an object lesson in how not to manage a crisis.” Call Choicepoint CEO Derek Smith at home, 770 667 5775, and tell him what you think. Remember, Atlanta is on Eastern Standard Time. On to the roundup: Not Bad For a Cubicle points out that “This is the first…Read More Choicepoint Roundup, March 4