The Federal Trade Commission today told the House Committee on Ways and Means, Subcommittee on Social Security, that there are steps that government, industry, and consumers can take to help stem the tide of identity theft.
Testifying for the Commission, Joel Winston told the Committee that the FTC has established a Division of Privacy and Identity Protection, which he heads, and which is staffed with experts in privacy, data security, and identity theft. The Division focuses resources on cutting edge consumer privacy matters through aggressive law enforcement, as well as rulemaking, policy development, and outreach to consumers and businesses. “The FTC serves a key role as the central repository for identity theft complaints, facilitates criminal law enforcement in detecting and prosecuting identity thieves, and provides extensive victim assistance and consumer education.”
The testimony notes that the use of Social Security Numbers plays a vital role in the country’s economy. “With 300 million American consumers, many of whom share the same name, the unique nine-digit SSN is a key identification tool for businesses, government, and others.” Mr. Winston said that credit reporting agencies use the numbers to ensure that credit data ends up in the right files and businesses use the reports to determine whether to extend credit, insurance, or employment to consumers. “Without the ability to use SSNs as a personal identifier and fraud prevention tool, the granting of credit and the provision of other financial services would become riskier and more expensive and inconvenient for consumers.” Restricting the disclosure of SSNs also could impact public health initiatives, criminal law enforcement, and anti-fraud and antiterrorism efforts.
“The challenge is to find the proper balance between the need to keep SSNs out of the hands of identity thieves, while giving businesses and government entities sufficient means to attribute information to the correct person,” the testimony states.
The FTC has pursued aggressive law enforcement against companies that failed to provide reasonable and appropriate security for sensitive customer data. It also has challenged organizations that have made deceptive claims about privacy procedures and security. “Since 2001, the Commission has brought twelve cases challenging businesses that have failed to take reasonable steps to protect sensitive consumer information in their files.” The Commission recently reached a settlement with ChoicePoint, after the company allegedly allowed identity thieves to gain access to files of 160,000 consumers. The company paid $10 million in civil penalties and $5 million in consumer redress for identity theft victims, the testimony notes.
To combat identity theft, the Commission hosts a toll-free hotline at 1-877-IDTHEFT, and a secure online complaint form for consumers concerned about identity theft. “Every week, the Commission receives about 15,000 to 20,000 contacts from victims and consumers seeking information on how to avoid identity theft,” the testimony says.
“The Commission also has taken the lead in developing and disseminating identity theft-related consumer education materials, including an identity theft primer, ID Theft: What It’s All About, and a victim recovery guide, “Take Charge: Fighting Back Against Identity Theft. The Commission has distributed more than 2.1 million copies of the Take Charge booklet since its release in February 2000, and has recorded more than 2.4 million visits to the Web version.
The agency has trained criminal law enforcers and has worked with businesses and industry and maintains the Identity Theft Data Clearinghouse with more than 1,060,000 consumer complaints. “Since its inception, nearly 1,400 law enforcement agencies have registered for access to the Clearinghouse database,” according to the testimony.
The testimony notes that there are other things that government, industry, and consumers can do to reduce identity theft. “First,” the testimony states, “both government and industry need to consider what information they collect and maintain from or about consumers and whether they need to do so. Entities that possess sensitive consumer information should continue to enhance their procedures to protect it. The Commission will continue its law enforcement and outreach efforts to encourage and, when necessary, require better protections.”
“Second, industry should continue the development of improved fraud prevention methods to stop identity thieves from misusing the consumer information they have managed to obtain. In this regard, the FACT Act should prove instrumental by requiring the bank regulatory agencies, the NCUA, and the FTC to develop jointly regulations and guidelines for financial institutions and creditors to identify possible risks of identity theft.”
“Third, the Commission will continue and strengthen its efforts to empower consumers by providing them with the knowledge and tools to protect themselves from identity fraud and to deal with the consequences when it does occur.”
The Commission vote to approve the testimony was 5-0.
Copies of the testimony are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to thousands of civil and criminal law enforcement agencies in the U.S. and abroad.
Claudia Bourne Farrell
Office of Public Affairs
Office of Public Affairs