Kroll Fraud Solutions Blog – A Dialogue on Data Security

The Federal Trade Commission (FTC) has pushed back the enforcement date for the Red Flags Rule yet again – this time to December 31, 2010. The original compliance date for this rule was November 1, 2008, and it has since been pushed back four other times: May 1, August 1, and November 1 of 2009, and then to June 1, 2010. The reasons for the delays have varied, mostly to give businesses that the FTC classified as covered entities the chance to further prepare. However, this latest delay comes at the request of several members of Congress, as they are considering legislation that may limit the scope of entities covered under the rule.

The average online computer user faces many security threats.  Users are commonly reminded to keep their operating systems up to date,  install virus software and firewalls, and have at least one anti-spyware program running at all times. Kroll investigators counsel members of our identity theft programs to reduce their fraud exposure to Internet threats with this advice. We also remind them not to fall victim to a false sense of security. Identity theft protection does not exempt consumers from following practices to reduce their likelihood of becoming a victim while online. When it comes to online safety, best practices involve avoiding questionable websites, using social networking safely and being stingy with personal information.   Now, we add to our list of advice “close inactive browser tabs.” Why? To prevent a relatively new phenomenon known as “tabnapping.” 

Back at the first week of May, we discussed the CBS News report about copier security that was gaining so much attention. It has come as a surprise to a lot of people that copiers containing hard drives are continually and, quite frequently, returned to the office supply center with sensitive data still housed inside. In fact, it has drawn the attention of Congressman Edward Markey, who wrote a letter to the chairman of the Federal Trade Commission urging him to look into the matter. The FTC has responded, assuring Markey that they will reach out to those in the copier and office supply industry “to ensure that they are aware of the privacy risks associated with digital copiers and to determine whether they are warning their customers about these risks, whether they are providing education and guidance on this subject, and whether manufacturers and resellers are providing options for secure copying.”

Between the morning of May 1^st and the evening of May 2^nd, more than 13 inches of rain fell here in  Nashville. Flood waters invaded the city and surrounding communities to a degree never before experienced. Sadly, some of our co-workers suffered great property losses and are now dealing with complex aspects of recovery from this natural disaster.

In an effort to look for positive outcomes from this tragic event, today our team of Licensed Investigators shares insights culled from the experience of our colleagues in relation to matters of personally identifiable information (PII).

Prior to an emergency:

The following are a few of the federal laws that apply to consumers. Some states have additional consumer rights laws that apply, so be sure employees understand these as well:

• Identity Theft and Assumption Deterrence Act – Enacted in 1998, this act officially makes identity theft a federal crime.
• Fair Credit Reporting Act (FCRA) – Regulates the collection, dissemination, and use of consumer credit information. The FCRA establishes many consumer rights, including the right to a free credit report, and also defines the procedures for correcting fraudulent or inaccurate information on the report.