Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt.

Published byAmbrose Palmer Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt."— Presentation transcript:

1 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt

2 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Security Data Breach Notification Data Brokers Social Security Numbers

3 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Security &Data Breach Notification –These are two core issues which create legislative vehicles for a for broader range of issues related to data use and privacy. –Political complexity makes it difficult to move legislation at the federal level. –Media coverage focused on possible risks to consumers due to breaches. Alleged identity theft risks are often cited.

4 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Security &Data Breach Notification –Some of the key questions: What data is to be covered? What standard of security is to be applied? When should a consumer be notified. What rights does a consumer then have?

5 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Brokers –Several legislative efforts focused on creating a new regulated entity. –Who/what are data brokers? Human resources departments? Non-FCRA third-party databases? ISPs/Telecommunications? –FCRA-like requirements: Verification of data. Right to dispute and correction.

6 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Brokers – Problems with current approaches: –Possible tension with the operation of other federal laws. Examples: Gramm-Leach-Bliley Act Fair Credit Reporting Act –Concerns about the operation of products used to fight identity theft. –Impacts on direct-marketing databases.

7 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Security, Breach Notices & Data Brokers – why haven’t these bills moved? –Multiple congressional committees involved. –No one winner has emerged. –Jurisdictional issues not resolved. –Bills become complex and laden with too many issues affecting a wide array of industries.

8 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Data Security, Breach Notices & Data Brokers – why haven’t these bills moved? –Conflicts with the operation of other federal laws not adequately addressed. –States are moved where congress has not. 48 states plus the District of Columbia have a credit freeze law. More than 30 states have enacted data breach notification laws. –FTC investigations of unfairness and deception relative to data security and notification have impacted the marketplace.

9 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Regulation of Social Security Numbers –Paralleling the data security/breach/broker efforts in congress. –Some of the underlying issue drivers are the same. –Some of the same problems with moving legislation. –Not a new issue. Efforts have been ongoing in the states and in the congress since the 1990s.

10 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Regulation of Social Security Numbers –Often characterized as a key to a consumer’s identity. –Concerns about it being used as an method of verifying a consumer’s identity. –A symbol of a consumer’s risk of identity theft.

11 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Regulation of Social Security Numbers Goals vary in terms of proposals: –Prohibit most uses. –Establish a federal regulator (SSA or FTC ) to oversee use of the number. –Create a limited set of permissible uses. –Create incentives to end use of the number over time.

12 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Even in the absence of congressional action, what are the facts regarding identity theft risks?

13 19.8% N/A © 2008, Consumer Data Industry Association

14 16.2% N/A © 2008, Consumer Data Industry Association

15 N/A 11% © 2008, Consumer Data Industry Association

16 Projected 26% NOTE: Through March 31, 2008. Of 8.3 million consumers affected in 1Q 2008, 4.2 million were from one breach – Hannaford supermarkets © 2008, Consumer Data Industry Association

17 Congressional Privacy Policy Panel A 2006 case study in credit fraud prevention – debunking the myth that fast decisions lead to large-scale true name fraud. –Over 33 million in-store applications are processed by a single lender annually or over 90,000 applications per day. –Approximately 60% of all applications are approved or 19.8 million annually. –There is 1 fraudulent account per 1,613 approved applications. –Total fraudulent applications is 0.06% of the 19.8 million approved applications.

18 45% N/A © 2008, Consumer Data Industry Association

19 Congressional Privacy Policy Panel What to expect going forward: –Bills will be introduced again in the next congress. –Many of the same jurisdictional conflicts seen in the past will remain. –Bills will be broad and will be complex with tensions between data security, data breach notification and privacy issues (e.g., data brokers, etc.).

20 © 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt

Download ppt "© 2008, Consumer Data Industry Association Congressional Privacy Policy Panel Stuart K. Pratt."

Similar presentations

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.

Fair Credit Reporting Act You must be told if information in your file has been used against you You can find out what is in your file You can dispute.
Red Flags Compliance BANKERS ADVISORY 1 Red Flags Compliance Fair & Accurate Credit Transactions Act (FACTA) Identity Theft Prevention.

Red Flags Compliance BANKERS ADVISORY 1 Red Flags Compliance Fair & Accurate Credit Transactions Act (FACTA) Identity Theft Prevention.
Red Flag Rules: What they are? & What you need to do

Red Flag Rules: What they are? & What you need to do
NACARA Annual Conference Industry Perspectives Panel September 29,2014 Boise, Idaho Andy Madden Director State Government Affairs ACA International.

NACARA Annual Conference Industry Perspectives Panel September 29,2014 Boise, Idaho Andy Madden Director State Government Affairs ACA International.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.
Protecting Personal Information Guidance for Business.

Protecting Personal Information Guidance for Business.
I.D. Theft Alaska’s New Protection of Personal Information Act Ed Sniffen Senior Assistant Attorney General Alaska Department of Law.

I.D. Theft Alaska’s New Protection of Personal Information Act Ed Sniffen Senior Assistant Attorney General Alaska Department of Law.
PRIVACY BREACHES A “breach of the security of the system”: –Is the “unauthorized acquisition of computerized data that compromises the security, confidentiality,

PRIVACY BREACHES A “breach of the security of the system”: –Is the “unauthorized acquisition of computerized data that compromises the security, confidentiality,
Identity Theft. Identity Theft – Some Basics affects 12-15 million people per year keeps increasing each year most common items exposed during a data.

Identity Theft. Identity Theft – Some Basics affects million people per year keeps increasing each year most common items exposed during a data.
Are You Ready? Identity fraud and identity management are quickly becoming critical operational concerns for the financial industry. The Red Flags Guidelines.

Are You Ready? Identity fraud and identity management are quickly becoming critical operational concerns for the financial industry. The Red Flags Guidelines.
Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.

Identity Theft “Red Flags” Rules Under the FACT Act Reid Fudge CISSP, CISA Pulte Mortgage, LLC November 2008.
Consumer Privacy & Protection Joanna Acocella May 22, 2007.

Consumer Privacy & Protection Joanna Acocella May 22, 2007.
Red Flags Rule & Municipal Utilities

Red Flags Rule & Municipal Utilities
CONSUMER CREDIT LEGISLATION Carl Johnson Financial Literacy Jenks High School.

CONSUMER CREDIT LEGISLATION Carl Johnson Financial Literacy Jenks High School.
Can the US Meet International Privacy Standards in an Era of Personal Health Records, Consumer Scores and Watch Lists? UNSW's Cyberspace Law and Policy.

Can the US Meet International Privacy Standards in an Era of Personal Health Records, Consumer Scores and Watch Lists? UNSW's Cyberspace Law and Policy.
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.
2010 Legislation and Health Care Reform; How it will affect dentistry?

2010 Legislation and Health Care Reform; How it will affect dentistry?
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
1 Information and Systems Security/Compliance Security Day - 2005 The Information and Systems Security/Compliance Program Dave Kovarik.

1 Information and Systems Security/Compliance Security Day The Information and Systems Security/Compliance Program Dave Kovarik.

Similar presentations

Ads by Google