Briefs

Recently it was revealed that ChoicePoint, one of the nation's largest data aggregators and providers of personal consumer data, has been the victim of large scale fraud. Fraudsters, posing as (among other things) check-cashing, insurance, and debt-collection companies, were able to pass ChoicePoint's initial customer background check and gain access to ChoicePoint's services, eventually gaining access to the personal information (including Social Security numbers, addresses, and more) of well over 100,000 people, at least 700 of whom may already have been the victims of identity theft or other fraud.

The incident became known after ChoicePoint informed the individuals in California whose personal information was accessed during the fraud. A California law that was enacted in 2003 requires companies to disclose incidents like the compromise of ChoicePoint's data to affected consumers. Currently, California is the only state with such a law, although the ChoicePoint case has aroused the interest of several state attorneys general and one U.S. senator has already introduced federal legislation similar to the California law. Meanwhile, one California woman has recently filed a lawsuit against ChoicePoint that seeks to gain class-action status.

In Washington, the case has put data brokerage firms and their practices under the spotlight, with several members of Congress signalling that hearings are called for in the case. Rep. Joe Barton, chairman of the House Committee on Energy and Commerce, has directed his staff to look into the matter and to "survey digital data storage practices and their current security measures." Meanwhile, Sen. Arlen Specter, chairman of the Senate Judiciary Committee, has stated his willingness to hold a a series of hearings on privacy breaches including this one, and Sen. Charles Schumer is said to be considering legislation that would establish federal rules to regulate how companies provide or sell access to private information.

One man has already been sentenced to 16 months in prison for his part in the fraud.

For more information on the ChoicePoint case, see the Wired News article, as well as a recent New York Times article.