Tuesday, January 02, 2007

MN AG Swanson IDs the problem

The first step in resolving a problem is to identify the problem.

Well, Minnesota’s new Attorney General Lori Swanson is off to an impressive start. Already she has announced her intentions to better protect the Minnesota’s citizens in the areas of :
Predatory lending;
Updating cyber crime laws specifically those related to child pornography;
Cell phone contract terms; and,
Tuition aid and financial support for Veterans.

Addressing these issues indicates that Swanson is listening to the citizens and seeking pro-active resolution.

Last week, she announced that she intends to extend the curbs on the business use of Social Security numbers.

Identity theft is too easy due to lackadaisical protection by companies and governmental agencies that have your information.

Social Security Numbers have a definitive purpose, but are used too often when they are not needed. Essentially, the Social Security Number should only be required for tax reporting purposes. Your employer, savings bank, mutual fund investment provider, mortgage lender, Medicare provider, etc. need the number, but many others do not. Yet, many ask for it. Why? Most likely because it’s a unique number that every citizen has … and that is not good enough of a reason. How many times last year did we hear about problems concerning missing personal data that contained Social Security Numbers? When an employee of the Veterans Administration laptop was stolen, it was a breakdown in protocol. Similar problems occurred at Visa, Wachovia, Equifax, ING, AIG, many colleges, and the U.S. Department of Agriculture. When MN Tax Revenue mail containing tax returns was misrouted, it was a harried time for the Department, but most likely human routing errors – yet scary none the less. Many of these intrusions were on agencies that had a rightful need for our SSN … but what about other companies that do not need that information but have it?

Recently, I wanted to update my Internet service to broadband. The company wanted my SSN. I explained that there were no tax implications and that I was willing to prepay for the service or commit to a long term contract. The clerk could not explain why it was required, so I asked for a contact name at their corporate offices. The clerk stated that they do not give out corporate contacts. As you can imagine, I promptly left the store … and placed a call the office of the Minnesota Attorney General. I expressed my displeasure of this unwarranted intrusion into my private records. The staff attorney stated that my complaint would be recorded, but advised that under current law, a company may “request” that information and I had the right to seek out another service.

At the Federal level, new regulations mandating tougher online financial security measures will took effect yesterday. Banks, credit unions, and other financial institutions must begin using enhanced technologies to protect customer data against identity theft. Some online services will use “fingerprint” technology to identify you and your computer. Laptops may be better secured by requiring a separate encrypted password stored on a USB device or smart card that is not attached to a laptop.

These provisions are steps in the right direction, but the best protection is to limit who has this information … and that is where Attorney General Swanson can lead. I am glad that she recognizes the opportunity and is being responsive to the citizens concerns.

No comments: