Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Government Politics

ChoicePoint Identity Theft Fallout Widens 297

dstates writes "A unique California law forced ChoicePoint to reveal that a break-in had compromised accounts revealing personal information on 40,000 southern californians and leading to more than 750 cases of identity theft. The company initially denied that the break-in compromised consumers outside of California, but CNN is now reporting that 110,000 accounts nationally have been compromised. 'The irony appears to be that ChoicePoint has not done its own due diligence in verifying the identities of those 'businesses' that apply to be customers,' said Beth Givens, director of the Privacy Rights Clearinghouse. 'They're not doing the very thing they claim their service enables their customers to achieve.'"
This discussion has been archived. No new comments can be posted.

ChoicePoint Identity Theft Fallout Widens

Comments Filter:
  • by ackthpt ( 218170 ) * on Friday February 18, 2005 @05:05PM (#11717363) Homepage Journal
    'The irony appears to be that ChoicePoint has not done its own due diligence in verifying the identities of those 'businesses' that apply to be customers,' said Beth Givens

    ChoicePoint: "Who goes there?"
    Voice: "Thurston Howell III"
    ChoicePoint: "A likely story!"
    Voice: "Sherlock Holmes"
    ChoicePoint: "We weren't born yesterday!"
    Voice: "Landshark"
    ChoicePoint: "That's better, here's 35,000 files, let us know if you need anymore."

  • SHUT THEM DOWN (Score:5, Insightful)

    by centipetalforce ( 793178 ) on Friday February 18, 2005 @05:05PM (#11717366)
    Serirously- this isn't paperclips these people are selling ITS YOUR PERSONAL DATA. They need to be closed, and whoever responsible needs to go to jail- and everyone involved in covering up the crime deserves to live in poverty for the rest of their fucking lives.
    • Actually that may happen via the courts system. By their attempt to obfuscate what happened, they may have worsened the situation. I think they have worsened the legal difficulties they may have in the coming class action suit that is sure to come about.
      • Re:SHUT THEM DOWN (Score:5, Insightful)

        by Jeremiah Cornelius ( 137 ) on Friday February 18, 2005 @05:23PM (#11717575) Homepage Journal
        IANAL, but I am a Security Consultant. Considering the financial and healthcare data, there are probably SERIOUS violations of GLBA and HIPAA. Let's look for some SOX violations, and get jail-time for the CEO!
        • by nizo ( 81281 ) * on Friday February 18, 2005 @05:54PM (#11717868) Homepage Journal
          How long until we don't use words anymore, but instead only use acronyms?

          IANAL: I am not a lawyer (whew got one of them at least)
          GLBA: Gay/Lesbian/Bi Association??(I don't want to know how they get violated) :-)
          HIPAA: Some kind of privacy thing relating to medical records (can't recall exactly what it stands for) Health Information Privacy something something
          SOX: I think Linux uses this to play sound files
          CEO: Criminal Executive Office or something like that, often known as "head scapegoat" (and often rightly so)

          I am not picking on you, just trying to provide some late Friday humor for everyone waiting to escape at 5pm.

    • Re:SHUT THEM DOWN (Score:5, Interesting)

      by shanen ( 462549 ) on Friday February 18, 2005 @05:53PM (#11717852) Homepage Journal
      Serirously- this isn't paperclips these people are selling ITS YOUR PERSONAL DATA. They need to be closed, and whoever responsible needs to go to jail- and everyone involved in covering up the crime deserves to live in poverty for the rest of their fucking lives.
      Nice thought, but Dubya would pardon them. After all, this is the same company that put him in the White House in the first place. Or have you forgotten that he claims to have won by 500 votes while ChoicePoint helped disenfranchise thousands of primarily Democratic voters.

      (Of course, Dubya's margin was so slim that *LOT'S* of groups can claim discredit for slipping him into the White House. Irregardless of the various culprits, we're all suffering for it now.)

      Anyway, as I noted in the earlier thread on this topic, I think we need to establish the principle that *YOU* own the personal data about *YOU*, and no one can use it or sell it without *YOUR* permission. This is actually a logical implication of the Fifth and Sixth Amendments. However, to give it teeth, I think we also need to appeal to "Possession is nine points of the law", and *YOU* should be able to store your own data on *YOUR* own computer. Anyone wants to see it, they ask for your permission (or prove they deserve a search warrant).

    • What are you telling us for? Why aren't you writing your senators instead?

      Seriously- all of you who have been making this same complaint on Slashdot- have you also been complaining to your elected representatives? (I haven't, but I have an excuse- I live in the "People's Republic of California". No letter from ChoicePoint in my mailbox yet!)

      This is really amazingly egregious that they shouldn't be required by law to contact you if they realize they sold your mother's maiden name to mobsters. I can't belie
    • Re:SHUT THEM DOWN (Score:2, Insightful)

      by s74n13y ( 854884 )

      So a unique California law, under their misnamed "deregulation" system, caused them to open their books, when they simply feel that 110,000 to 350,000 consumers are ignorant. They were entrusted with data security, was it worth it? Anyway, how many more consumers' personal data was thoroughly scrutinized by these thieves? This is what you got when you let ex-Governor Davis exercise his own self interest, the economy of California and rolling blackouts leading to a re-statement of Enron's books. When will th

      • I read your post twice and can't understand a word of it. Is it some kind of code or are you a raving lunatic. I feel like you have something to say, but it's totally lost among the various threads of your Cali-spiracy theory.
      • I have to agree with the other guy who responded to this... I can't make out what your position is or is based on, other than "California FAILED us" somehow, for which no supporting evidence is offered. And looking at your posting history, you seem to have had a very short posting career during which you have been puzzling other people [slashdot.org] as well. [slashdot.org]

        Are you a human being or did some clever coder write you as a fun side project?
    • Re:SHUT THEM DOWN (Score:2, Insightful)

      by vinn01 ( 178295 )
      .. and no company will ever have a security breach again.

      If you make the penalty for security breaches so severe, at the very first sign of a breach, a company will wipe all trace of it and pretend that nothing ever happened.

      A lot of companies already do this for the sake of "saving face" in the marketplace. No company wants it to be widely known that they don't know how to secure sensitive data.

      I bet that ChoicePoint was caught red-handed, otherwise we would not be hearing (and complaining) about this
      • Re:SHUT THEM DOWN (Score:3, Interesting)

        by SpacePunk ( 17960 )
        It's not that there was a 'security breach' It's that they actively lied to cover up their stupidity. If you listen to CNN and other news outlets the loss of information was because of 'hackers'. Not because they just gave out information willy-nilly to anyone who said they were a business. They also only warned only California residents that the information was 'stolen' (not sold as it was), and did not make the announcement that the scope of the information they gave out covers literally all 50 states
    • Re:SHUT THEM DOWN (Score:3, Insightful)

      by Stiletto ( 12066 )

      Seriously- Nothing is going to happen to the CEO of ChoicePoint, or anyone else in charge. Worst that'll happen is a few execs are pushed out with multi-million dollar golden parachutes. They'll be retiring with their mansions and yachts, and we, the little people will be fired, homeless, or in jail because our credit report and background check says we're deadbeats and wanted criminals.

      I LOVE THIS COUNTRY!
    • Re:SHUT THEM DOWN (Score:4, Insightful)

      by demachina ( 71715 ) on Friday February 18, 2005 @08:08PM (#11719062)
      Nice sentiment but not very realistic. If you close down ChoicePoint you would pretty much have to go after Equifax, Experian(formerly TRW), and Trans Union. In case you don't know the name these are America's big three credit bureaus, where Choicpoint is more ID, criminal record, and financial records rolled in to one. It appears pretty much anyone can form a corporation and start collecting your personal data, thats what all four of these companies did.

      Why do they exist, because other corporations want and need the data they have on you and will pay for it, that includes potential employers and landlords, banks, car dealers, real estate brokers, etc. etc.

      You can't stop all this information tracking without eviscerating employment screening, loans, credit cards, etc. I'd be all for it personally but there are trillions of dollars of big business that rely on these companies and they would scream bloody murder if you tried to shut them all down.

      Choicepoint in particular probably experienced a boom after 9/11. The rampant paranoia that ensued multiplied by an order of magnitude the number of employment ID and criminal background checks employers conduct on prospective employees. Chances are if you are applying for a job with a company of any size their HR department is getting a COMPLETE run down on you form Choicepoint or someone like them, every criminal offense, how good you are at paying your bills, bankruptcies, loan history etc. Chances are they know every gory detail of your entire life, before you get an offer letter.

      In case you didn't know Choicepoint sucks up every court document in every state so they probably have a more detailed criminal history on everyone than state or federal governments.

      Its not entirely clear what the benefit is of having 3 different agencies scoring your credit plus Choicepoint, it just increases the likelihood of data compromise, and if there is an error in your credit report you pretty much have to correct it in all 3 places at your expense. But again any company can form to do this and all they have to do is collect data, market themselves and gain momentum where enough people use their service and you can have 4 or 10 agencies like this.

      There is some regulation [creditreporting.com] of credit bureaus, though I'm not sure Choicepoint falls under it, they should.

      You could propose that only the Federal government should hold all this data but it doesn't really help because this whole system is predicated on allowing pretty much any business who wants it to request this information about you before they hire you or give you credit.

      You in fact have no privacy and haven't had for a while. Until the Federal government converts your Social Security number to a true encrypted digital signature with some minimal security, i.e. a password only you know to validate its yours, EVERYONE is a sitting duck for identity theft in the network era.
  • Trust us! (Score:5, Interesting)

    by Thud457 ( 234763 ) on Friday February 18, 2005 @05:06PM (#11717377) Homepage Journal
    How does someone determine if Choicepoint had data on them?
    • by JohnGrahamCumming ( 684871 ) * <`slashdot' `at' `jgc.org'> on Friday February 18, 2005 @05:08PM (#11717402) Homepage Journal
      Start a fake company, register with ChoicePoint and look yourself up!

      John.
      • Re:Trust us! (Score:5, Insightful)

        by Mysticalfruit ( 533341 ) on Friday February 18, 2005 @05:14PM (#11717479) Homepage Journal
        The irony being that if you called checkpoint or even showed up at their door with documents proving that you were who you said you were, they probably wouldn't show you the data they've got stored on you.

        Not to mention the fact if they have erroneous data in their databases, you probably never get it corrected.
    • Be born in the USA and have done one or more of the folling things.

      Have a Bank Account.
      Have a Credit Card.
      Have Medical Insurance.
      Have Medical Bills.
      Purchase service from an Utility Company.

      If you answer yes to one or more of the above there is a 99+% chance they have records on you.
    • Simple! (Score:3, Informative)

      by serutan ( 259622 )
      Just wait for a letter from a law firm informing you that you are a member of the class action suit against ChoicePoint.

      optional additional steps:
      2. Do nothing.
      3. Profit!!!
    • by doublem ( 118724 ) on Friday February 18, 2005 @05:17PM (#11717512) Homepage Journal
      Actually, you can receive a copy of your profile.

      This page [choicepoint.com] on the ChoicePoint web site points to Choicetrust [choicetrust.com]. (Insert joke about the mane choice here)

      From the Choicepoint web site:

      FACT Act Compliance

      The Fair and Accurate Credit Transactions Act (FACT Act) was enacted in 2003 and amends the Fair Credit Reporting Act (FCRA), a federal law that regulates, in part, who is permitted to access your consumer report information and how it can be used. The FACT Act entitles consumers to obtain one free copy of his/her consumer file from certain consumer reporting agencies during each 12-month period.

      ChoicePoint has three separate companies that maintain consumer files that are subject to the free disclosure requirement: C.L.U.E. Inc. maintains information on insurance claims histories, ChoicePoint WorkPlace Solutions Inc. maintains employment history information, and Resident Data Inc. maintains tenant history information. Each of these companies designed an easy process for consumers to request their free file disclosure.

      Please note that a consumer file does not necessarily exist for you with any one of the three companies. For example, if you have not filed a claim with your auto or home insurance company during the last five years, we will not have a report on you. If you have not applied for employment with a customer that we serve, we likely will not have an employment history report on you. If you have not submitted a residential lease application with a customer that we serve, we will likely not have a tenant history report on you.
      To request copies of your claims history report, visit www.ChoiceTrust.com or call 1-866-312-8076.

      To request a copy of your employment history report, call 1-866-312-8075.

      To request a copy of your tenant history report, call 1-877-448-5732.

      If you would prefer to send your request by mail, please send your name and address to the appropriate address below. A report request form will be sent to you to complete and return.

      For claims history reports:

      ChoicePoint Consumer Disclosure Center
      P.O. Box 105295
      Atlanta, GA 30348

      For employment history reports:

      ChoicePoint WorkPlace Solutions Consumer Disclosure Center
      P.O. Box 105292
      Atlanta, GA 30348

      For tenant history reports:

      Resident Data Consumer Disclosure Center
      P.O. Box 850126
      Richardson, TX 75085-0126
      • Well, I tried to go through the process for the free report, but they refused to provide anything. It actually felt more like I was participating in a phishing scam with an especially impressive click-through-and-we-own-your-firstborn-child legal agreement.

        Actually, I think the real explanation is that they have a bunch of lawyers on their side, and they are looking very carefully at every loophole and possible reason to avoid telling you anything. Sure, legally speaking, they have to provide the informat

        • /rant

          ALL credit reporting companies are like that, i tried to contact chexsystems once about a bounced check( i was out of the country at the time, didn't get the notice that my account was overdrawn) so, chexsystems decides i'm a theat to banks for bouncing a 20$ check 2 years ago, blacklists me from banks, i pay the bill, and the bank claims they will notify chexsystems that its paid. 3 years later, i've written, emailed, gone through their web system, called them (good luck!) asking A) for my data, an

      • > Please note that a consumer file does not necessarily exist for you with any one of the three companies.

        But it certainly will AFTER you have made a request to see their records, if any, on you.

        There is something inherently broken about having to give up your personal information to the very companies who abuse it in order to find out if they are abusing it.

        As a minimum, I think the FACT Act should be modified to prevent the companies from recording or otherwise using any of the information you prov
      • Glad you posted that link. I went to their page and sure enough, they have wrong info on me and my insurance claim history. Calling them up now to correct it. Maybe if enough people swamp them with calls, they won't be so eager to be in business anymore.
  • Initial denial (Score:3, Interesting)

    by SafteyMan ( 860733 ) on Friday February 18, 2005 @05:06PM (#11717381)
    What really upsets me is how they originally denied that anyone outside of California had their informaion comprimised.
  • by darkonc ( 47285 ) <stephen_samuel&bcgreen,com> on Friday February 18, 2005 @05:06PM (#11717385) Homepage Journal
    'They're not doing the very thing they claim their service enables their customers to achieve.'"

    If they did that, it would cost them business. That would cost them profit. They're a company. Next question?

    • Even worse, by law they have to listen to their investors. Worse than that, their investors have no shame and no concience.

      Pity the souls so caught up in their own greed and blind money-grubing they would invest in this company.

    • If they did that, it would cost them business.

      In the short term, maybe. In the long term, it caused them... well, this.

      Companies, even public ones, are quite capable of taking the long view -- it's just that so many don't.
      • In the long term, it caused them... well, this.

        As bulk mail, it'll probably cost them about $20K to send out snail-mail notices. Far less (perhaps $2K) if they manage to send out email notices. I figure that that's nothing compared to what they've gotten from questionable companies making requests. -- In fact, I'd be shocked if they were charging less than $1.00 per query (probably more in the range of $10), which would still leave them with a healthy profit buffer.

        • As bulk mail, it'll probably cost them about $20K to send out snail-mail notices.

          I'd be extremely suprised if the cost of mailing out the notices was a noticable fraction of the costs incurred by this incident.

          Consider the inevitable class-action suit, the cost of fighting privacy bills (whose supporters just got some extra ammo), and the like.
          • If they go almost-bankrupt as a result of the class-action suit, it might cause them to be more careful about who they allow to do searches. Truth of the matter is that the only reason we even know the scale of this is that California had a left-wing commie customer notification law on the books, otherwise they would have probably just sent out notices to thousand of the most seriously affected and hoped that nobody noticed a larger pattern.

            As it is, even a class-action suit might not cost them as much

    • Next question?

      Fuck off.
  • by thinkliberty ( 593776 ) on Friday February 18, 2005 @05:08PM (#11717398)
    "leading to more than 750 cases of identity theft." I wonder how many total cases of identity theft this incident will cause.

    The only way to know is to notify all people that had their identity stolen. All 50 states need to have a ID theft law like California.
  • by PatientZero ( 25929 ) on Friday February 18, 2005 @05:08PM (#11717410)
    We developers are fond of saying that we eat our own dog food, meaning that we use the tools be build. So does ChoicePoint use their own service, implying their service is suboptimal, or do they simply feel that our data security isn't worth it?

    Either way, how many more times do things like this need to occur before people will become widely convinced that companies such as these need to be more thoroughly scrutinized?

    • Well, the other question is whether or not the data that they do have on me is accurate. If they don't verify data about their customers, how sure can we be that they're verifying data about me or you?

      Of course, they'll claim that they don't have to verify it, under whatever laws currently exist. I think that privacy laws like apply under HIPAA for medical records should be required for any business system which includes social security numbers.
    • The standard consumer is getting stupider and stupider. Never in history have people been so crappy at their own finances. Look at the amount of debt in this country. Sure, I would literaly kill someone to get a new 60' Sony HDTV. However, I am not going to ruin my future and retirment because of my tech lust.

      Debt Debt Debt. This apathy has carried into our government with a NEW RECORD BREAKING DEBT AMOUNT!

  • What you get (Score:5, Insightful)

    by mboverload ( 657893 ) on Friday February 18, 2005 @05:08PM (#11717412) Journal
    This is what you get when consumer information is obtained and stored behind a cloak of secrecy. This is what you get when privacy laws are not enforced or valued. This is what you get when the standard consumer is ignorant and apathetic to the importance of person information.
  • denied? (Score:5, Insightful)

    by fireduck ( 197000 ) on Friday February 18, 2005 @05:09PM (#11717420)
    "The company initially denied that the break-in compromised consumers outside of California"

    Did they actually deny that no one outside of California was compromised, or was it just that they weren't legally obligated to inform anyone outside of the state? From Monday's story, I got the distinct impression that it was the latter (i.e., no legal obligation), rather than outright deception. Regardless, it's still a really crappy thing to have happened.

    (on a personal note, given that the break-in happened months ago, and i just got my yearly free credit reports from the 3 agencies and didn't see anything suspicious, I guess I'm a lucky SoCalifornian...)
    • Lucky? (Score:5, Funny)

      by PornMaster ( 749461 ) on Friday February 18, 2005 @05:14PM (#11717481) Homepage
      Well, I just got your credit report from the 3 agencies, and I feel obliged to tell you that with an average FICO score of 559, you probably shouldn't be calling yourself lucky.
    • by darkonc ( 47285 ) <stephen_samuel&bcgreen,com> on Friday February 18, 2005 @05:32PM (#11717650) Homepage Journal
      Nope. They never denied that there were non-Californians affected. All that they confirmed is that California law required them to inform the 35,000 affected CA residents. Given that CA represents about 10% of the US population, I took that to mean that there were about 300,000 affected US residnts.

      That they're announcing that they're 'only' informing 100,000 other US residents can be explained in any of the following ways:

      • The attacks were focused on CA residents, for some reason.
      • They have only identified 100,000 people this week, and there's another 3 weeks of work to do.
      • They are willfully underreporting the actual numbers and hoping that nobody will do the research to prove them wrong.
      • Given that the law doesn't require them to inform everybody who got hit, they're only informing those non CA residents who got hit the worst. 2/3 of the people who would have been informed under CA law will never know...
      The most interesting information is between the lines. Learn to read there more often. ("Diplomacy is the art of telling a lion 'Nice kitty kitty' while you search for a big rock. Media relations is doing for a company what a diplomat does for a country.")
  • by Anonymous Coward
    I emailed Choicepoint demanding an explanation. here is the response:

    From: CorpMktg.Communications@choicepoint.com

    ChoicePoint was recently a victim of organized fraud, and we understand
    this news may be cause for concern.

    A very small number of criminals posed as legitimate companies in order to
    gain access to personal information about consumers. When the fraud was
    discovered, access to information was immediately discontinued and the
    authorities were notified.

    ChoicePoint has acted quickly to address the c
  • Importance (Score:3, Insightful)

    by mboverload ( 657893 ) on Friday February 18, 2005 @05:12PM (#11717446) Journal
    Tell me one person who would be against putting these executives in JAIL. They were entrusted with data on almost every human being in the United States and they FAILED US. Get the stake, timbers, gasoline, and matches. Heaven knows I am ready for blood.
  • Manifest Destiny (Score:5, Insightful)

    by Doc Ruby ( 173196 ) on Friday February 18, 2005 @05:13PM (#11717457) Homepage Journal
    These kinds of California "sunshine" laws are also the only reason we found out about Enron before it took the whole US economy, not just Houston, down with it. Enron was required by California law, under their misnamed "deregulation" system, to open its books, because it was supplying a lot of energy to Californians. Enron refused, claiming that, as a Texas company, it was not under California jurisdiction. That was when Governor Davis famously asked the Federal Department of Energy to step in, to resolve this interstate conflict. The DOE refused to referee, and Davis eventually found other means to force open Enron's books. When they were reviewed, not only was $8B in California overcharges revealed, but the entire network of Enron debt-laundering was exposed. As well as the rest of their system-gaming that took them out.

    California is far from perfect. But their 35M consumers are unusually well protected by laws in the public interest. The economy of California scale forces car makers around the country, and around the world, to comply with their higher standards. Perhaps we will see California's own self interest protect us from other scams like these, as we all get closer to the Golden State.
    • 35M consumers (Score:3, Insightful)

      by serutan ( 259622 )
      Maybe this is nitpicking, but could we please go back to saying "citizens" instead of "consumers?" Because consumers take whatever crap you give them. Citizens don't.
      • Re:35M consumers (Score:5, Insightful)

        by Doc Ruby ( 173196 ) on Friday February 18, 2005 @05:32PM (#11717643) Homepage Journal
        I wish we were all crap-rejecting citizens. But the fact is that these laws protect consumers, who corporations prize, not simply citizens, who corporations ignore. They're "consumer protection laws". The corporate execs like Ken Lay and his California office minions aren't as well protected by these laws, because they're citizens, not consumers. That's how we've got a fighting chance.
      • I've seen a sig that reads:

        "I am not merely a consumer or a taxpayer. I am a citizen of the United States."
    • And california is a blue state hmmm....

      Democrats are just plain *old* evil (influence peddling), whereas Republicans are the cartoonish super-villiany evil where it doesn't even make sense to be that evil (basically: any business that makes money is good, no matter how much damage they do)

      • What is evil influence peddling about California's consumer protection and sunshine laws?
        • What is evil influence peddling about California's consumer protection and sunshine laws?

          The loopholes and exceptions, traded political influence for campaign donations, etc. Often, such loopholes end up constraining all but a favored few, in the end, having the effect of concentrating power, and encouraging the behavior that the original law was intended to discourage. (ie. CAN SPAM act, etc.)
          • You're talking about the campaign and lobbying sytem generally. Again, what is evil influence peddling about California's consumer protection and sunshine laws , the topic we're discussing? And how is that "Democrat", when Republicans are at least as guilty?
  • Choice quotes... (Score:5, Interesting)

    by GillBates0 ( 664202 ) on Friday February 18, 2005 @05:13PM (#11717464) Homepage Journal
    ChoicePoint maintains personal profiles of nearly every U.S. consumer, which it sells to employers, landlords, marketing companies and about 35 U.S. government agencies.

    I love the way marketing companies have more access to my personal information than I do. Moreover, they're among the "legitimate" businesses who the company claims it sells information to -- any dick and harry spammer joint can be called a "marketing company". In other words, if you have enough money to pour down their gullet, you have the information.

    The company says its records enable law enforcers to track down serial killers and have helped find 822 missing children.

    Yeah, since they help children, they cannot be an irresponsible company.

    "The topic of the responsible use of information is a vital one to our society ... we support a national debate on this very topic," ChoicePoint President Doug Curling said.

    Classic tangential marketspeak response from the president.

  • Stock doing ok? (Score:3, Interesting)

    by D3 ( 31029 ) <daviddhenning@nOsPAM.gmail.com> on Friday February 18, 2005 @05:14PM (#11717482) Journal
    Looks like their stock is still doing ok. Although that could change come Monday. Graph [washingtonpost.com]
  • by DAldredge ( 2353 ) <SlashdotEmail@GMail.Com> on Friday February 18, 2005 @05:15PM (#11717490) Journal
    Checkpoint Client Verification = Did the check clear? Is yes then WELCOME ABOARD!
  • I wonder if the choicepoint execs are included in information you purchase from choicepoint?
  • by SilentJ_PDX ( 559136 ) on Friday February 18, 2005 @05:19PM (#11717538) Homepage
    I'm an Oregonian... so you know it takes a lot for me to say anything nice about California but...

    I just want to thank California for their identity fraud laws that force businesses to disclose when an unauthorized person has accessed records illegally. If it weren't for that, we probably wouldn't know anything about this.
  • by Spy Handler ( 822350 ) on Friday February 18, 2005 @05:22PM (#11717568) Homepage Journal
    I've never heard of them before this story broke, I don't know anyone who's heard of them, so how did they end up with my credit card# and SS# which is now compromised?

    And yes, I live in California and yes I've RTFA, this is just an angry response not a true question.

    • I said it monday, but it's worth repeating. [slashdot.org]
  • Gee, aren't corporations are the "free market" so much better and more efficient that the government?!

    I guess that is why the personal data from the government databases are getting hacked and stolen, but it never happens to databases controlled by corporations....

  • by bot ( 235273 )
    We need to have laws that changed that prevent private companies from collecting data, or requesting data on citizens unless the person concerned permits it. I know the credit scores are important yada, yada, but its our data, and we should own it. Companies that profit from our data should be required to take our permission to collect and distribute it.

    Any fellow californians interested in starting a initiative for this? Especially those who know how to go about it- I don't!
    • My suggestion to curb corporate malfeasance would be for the victims to be awarded the corporate assets.

      Then the stockholders MIGHT be more inclined to watch more carefully what they put their money into!

      Here's to investor responsibility - eventually responsibility has to land somewhere... the system as it stands is broken - so let's harness the marketplace to fix it.
  • by Anonymous Coward
    Bush just signed a bill to curb class action lawsuits. link to full story below:

    http://abcnews.go.com/Politics/wireStory?id=512771 [go.com]
  • Double Edged Sword (Score:2, Insightful)

    by Mindmaniac ( 860098 )
    Before condemning all of ChoicePoint look at all of the good things they have done like solving hundreds of rape cases, finding missing children, and doing the DNA tests of thousands of crimes. This incident is the result of one offices mistakes and I don't think it is representative of who they are as a whole. If someone wants information bad enough the'll get it. Look at how many times the CIA's website has been hacked into.


    • Are you kidding me? What sensitive information is on the CIA's website?

    • Must MILLIONS of US citizens have their personal information warehoused, prostituted, and subject to theft because of the comparatively few that it may have helped? This is one case where I believe the cost FAR outweighs the benefit.
    • If the rest of their data handling is as solid as their consumer data handling, how much reasonable doubt have they created in those cases?

      If someone wants information bad enough the'll get it. Look at how many times the CIA's website has been hacked into.

      Considering the F and D+ grades so many government agencies get for computer security, that's not necessarily saying much.

  • Can somebody explain how the F these people get personal info about all these people? Is there a way to know if they have my info?
    • This is how it works- pretty much everything about you is a matter of public record. That time you got arrested, your address and phone number, etc. ChoicePoint sits outside the courts and buys up all the data the counties are willing to sell them, and dumps that into their database.

      Then there's things that if you have a permissible purpose (as defined in the FCRA) like someone deciding on whether or not to loan you money, rent you a house or give you a job, that allows them to look at the loan you took
  • California, at lesat, has stalking laws that makes it a criminal offense to follow another person around etc. Now we need laws that would make it illegal for companies to stalk, archive, or release personal financial records to third parties. In particular it should be be legal for any person or corporation, such as a bank, that reports financial matters about a person to the IRS to request or store social security numbers. The rest should be subject for severe penalties. I suppose that the companies wo
  • by torrentami ( 853516 ) on Friday February 18, 2005 @05:41PM (#11717738)
    Does anyone else realize that this is the same company that essentially handed over the 2000 election to George W. Bush? They are the ones who were hired by the florida voting commission to compare the data on federal criminals in the US with those in FL so that the FL federal criminals couldn't vote. Only they botched (on purpose?) it up completely and had a 5% accuracy rate resulting in thousands of voters (mostly black) getting turned away at the polls. Coincidentally (yeah, right) they were awarded a 60 million dollar data sorting job in Iraq once the war started. Funny, if they failed so miserably in FL why would you reward them with a bid in Iraq? This company is a joke.
    • choicepoint [google.com] was the latest in a long line of corrupt corporations to be used by America to overthrow a democratically elected leftist government in some other country. But they could not take Chavez down. Viva Chavez!

    • Does anyone else realize that this is the same company that essentially handed over the 2000 election to George W. Bush?

      I suppose you have some unbiased media reports to back this up?

    • by KingSkippus ( 799657 ) on Friday February 18, 2005 @07:19PM (#11718669) Homepage Journal

      Here is a reference [cnn.com] to an article on CNN about this. Also, check out the article in the St. Petersburg Times [sptimes.com]. Last, but not least, check out this article in The Guardian [guardian.co.uk]. My favorite quote from the last article: "The controversy [regarding the Bush DoJ paying ChoicePoint $11 million for names, addresses, occupations, DoB, passport numbers, "physical descriptions," tax records, and blood groups of Latin Americans] is not the first to engulf ChoicePoint." Nor, apparently, the last. This was written on May 5, 2003, over a year before this fiasco. How many chances should one company get before they're shut down?

      So yeah, this company scares the shit out of me, as does its parent, Equifax. Personal opinion o' me is that they all need to be immediately shut down. If you don't like YOUR personal information being given to anyone with a few bucks, PLEASE write to your government representatives [vote-smart.org] and demand that something real be done NOW to protect our privacy!

      P. S. I live about 10 minutes away from Alpharetta, GA, where this company is located. I'm thinking of posting a link to where you can donate pitchforks and torches...

  • by Aexia ( 517457 ) on Friday February 18, 2005 @05:51PM (#11717831)
    is if someone looked up on Choicepoint, say, the CEO and other high-ranking executives and posted all their personal information here.

    The karmic justice of these clowns having to spend substantial time and money trying to protect their credit history and whatnot would be priceless.

    I'm not advocating that anyone should do this. I just think it would be justice because we're certainly not going to see any otherwise.
  • And by coincidence, I'm contesting a mystery $9.95 charge on my CC I never made this month. The first time I've ever had a bogus charge show up.

    Although I can't say the whole ChoicePoint thing is a suprise. After all, the entire purpose of their business is to sell that information. It's not good business to turn away customers, now is it? Oh sure, they probably turn away the most egregious crooks who show up. But their business is to sell your information to whoever want to pay for it.
  • Simple Legislation: Each person owns their data and any company that keeps that data is liable for its unauthorized disclosure to third parties for actual damages of x + 2x for punitive damages.
  • I'd just like to pitch my identity clearinghouse idea [slashdot.org] again. (Most of this post is copied from my linked post.)

    In combination with mandating that companies actually verify the identity of a person before doing sensitive business transactions with them, the government should operate an independent "identity clearinghouse" of sorts. The process would go something like this:

    1. Consumer requests (for example) a new line of credit from Bank X. In the process, Consumer provides contact information to Bank X.
    2.
  • WTF is choicepoint? Not all of us are Americans. Also, news sites specify what a subject is when it is first mentioned in the report. Like "UN Secretary-General Kofi Annan". Not just Kofi Annan, Kofi or Kofi darling.
  • These jackasses were in charge of verification at a local retailer, and refused to verify my plastic card that spends from my home-equity line of credit. They wanted me to "register" with them, before the retailer would accept the card.

    I told their service, and the retailer to STUFF it, apparently they didn't need my business.

    I'm now GLAD I didn't play ball with these jackasses.
  • by privacyprof ( 860829 ) on Friday February 18, 2005 @08:02PM (#11719015)
    The ChoicePoint security fiasco is part of a larger problem -- the fact that companies dealing in personal data are not providing adequate security and that they are not well regulated. What makes matters worse is that ChoicePoint is increasingly supplying its information to the government, including the FBI and IRS.

    Back in December 2004, I along with the Electronic Privacy Information Center wrote a letter to the FTC arguing that the FTC should open an investigation of ChoicePoint: http://www.epic.org/privacy/choicepoint/fcraltr12. 16.04.html

    This letter might be of interest, as it explains the extensiveness of the data companies like ChoicePoint have and how it affects people's lives.

    I also argued in my new book, THE DIGITAL PERSON: TECHNOLOGY AND PRIVACY IN THE INFORMATION AGE, that identity theft and other privacy problems are caused not by technology but by irresponsible business practices. Everybody seems to be saying that in today's world of information technology, privacy is dead. The culprit is technology, and since it is foolish to believe that it can be stopped, there's little hope. I argue that this isn't the case. The culprit is government and business practices. There's a "digital person" that is a counterpart to people, not composed of flesh and blood but of bits and bytes of personal information gathered together in databases. The digital person is a representation of ourselves in the world of computers. But this is only part of the story. Increasingly, decisions about us are made by looking to our digital person. What happens to our digital person in the digital world is increasingly having effects in realspace to our real person. It is this problem that I explore, and I argue that the answer is regulating government and businesses - not technology. For those interested in learning more, I encourage you to read the FTC letter as well as my book. Here's the book's website: http://www.law.gwu.edu/facweb/dsolove/Solove-Digit al-Person.htm

  • by Genda ( 560240 ) <mariet AT got DOT net> on Friday February 18, 2005 @10:28PM (#11719835) Journal
    Attention all K-Mart Shoppers... that Bar-B-Q you are smelling is your collective butts in the fire.

    After undermining all sane separations between state, religion, and commerce, we find ourselve in what can only be described as a Nation of the Corporation, By the Corporation, and For the Corporation. You may now bow to your corporate masters.

    Our founding fathers saw government as a detestable necessity, so they wisely hamstrung it seven ways come Sunday, to keep it at bay. By giving corporations the same rights as "REAL FLESH AND BLOOD PEOPLE", without the same accontabilitiies or limitations, we created a monster. That monster was further allowed free access to influence and ultimately control our government. That brings us where we are today.

    A nation where your privacy is a farce, virtually nonexistent, while government and corporations alike enjoy almost complete opacity.

    Just last week a Federal Judge ruled in favor of the Governor of Maryland, in a suit involving reporters from the Sun Times being frozen out of press meetings. The Judge ruled that "the paper wrongly asserted a greater right to access to government officials than private citizens have. The right to publish news is expansive. However, the right does not carry with it the unrestrained right to gather information,"

    In short, A political leader, your elected representative, has the right to inform only those he likes or feels fit to inform. That and your primary organ of political enlightenment, the press, has no special right to garner information on your behalf. Add to that the recent $400,000 charge for FIA documents against the justice department, and the Gannon/Guckert debacle at the White House this week, and it's clear... the Government is hell bent on having it's citizens standing naked in the streets, stripped of every right to privacy and personal dignity, while they plot and practice "God only knows what" with complete impunity.

    The information disaster at ChoicePoint underlines the complete disregard that business and the Government have for the needs and the rights of every day citizens. Recent leaks suggest the final number of people exposed may exceed 400,000. If the government were working on your behalf, you would certainly see heads rolling immediately. However, I suspect you'll see none of that. The government is using these very companies to perform an endrun around the constitution, filling up government dosiers with information collected by these very companies, at the same time lucrative government contracts and multimillion dollar campaign funds are trading hands.

    We're at a critical time in history. Benito Mussolini defined fascism as "The Corporate State". Looking at the historical analysis of the last century, there's good reason why conservative and liberal law makers, educators in law and political science, and men of conscience around the world are calling the United States a fascist state. One of the certain casualties in such a government, are the rights and freedom of the individual. We still have a tremendous amount of infrastructure that protects us, and as bad as things are, no single person has yet amassed so much power that our government can be easily toppled. We're however in extreme danger. It'll take all our commitment, and every kind of contribution we as citizens can make, to bring our government back into it's proper place as an engine designed to promote the advancement of freedom, and justice. The alternative is too grim for words.

    Genda

The trouble with being punctual is that nobody's there to appreciate it. -- Franklin P. Jones

Working...