ad info  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Online identity theft a growing concern

Industry Standard

(IDG) -- Before tossing his trash, Ignacio Ramirez performs a ritual: He destroys every piece of paper with his name on it.

"I'm a skeptical person," explains Ramirez, a family physician in San Diego. "I know how to protect myself."

Ramirez may seem paranoid, but it's for good reason. Last February, a Boston medical-equipment supplier called his office demanding $85,000.

It took him days to convince the company he never bought their equipment. It took weeks for him to learn that somebody had stolen his identity off the Internet.


It seems that a woman obtained Ramirez's information from the Medical Board of California and another Web site - his medical license identification and Social Security numbers - and used them to buy medical supplies on his credit. By the time Ramirez stopped the bleeding, the identity thief had stuck him with $185,000 in fraudulent charges.

  TechInformer: The Thinking Internaut's Guide to the Tech Industry
  Online shoppers beware
  Who's holding your money?
  Reviews & in-depth info at
  Industry Standard email newsletters
  Questions about computers? Let's editors help you
  Industry Standard daily Media Grok
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

"I feel violated," Ramirez says. "Like there is no safety around, no guarantees that anything you do ethically or honestly has meaning because there are con artists who can do anything they want."

Unfortunately, Ramirez's case is not uncommon.

Washington lawmakers are increasingly hearing similar horror stories, and pressure is mounting for them to act.

With the election-shortened year winding down in Congress, privacy advocates are targeting legislation that would ban the indiscriminate sale of Social Security numbers, online and off. Credit bureaus and other financial services interests, however, are warning lawmakers that new laws could do more harm than good by limiting the number's use as the ultimate identifier.

The white elephant of the debate is the Internet, which is making such thefts easier.

Here's how it works: Search the Internet for "find Social Security numbers," and as many as 65 identity sites pop up. Click on one, and a whole world of possible identities appears. Try ICU, for example, and you get this tantalizing offer: "You give us a name and address (current or old). ICU Inc. will investigate and provide you with the correct Social Security number for that person. $50 U.S." Other sites do it for even less.

That's all it takes. Armed with a name and a Social Security number, crooks can get credit cards, take out loans or make other fraudulent purchases.

Of course, searching the Internet is just one of many ways a thief can ruin a person's name and credit. The crook could also get credit card numbers from the carbon copy of an imprinted receipt through a low-tech dumpster dive. Privacy experts estimate that the Internet is the vehicle for less than half of ongoing identity frauds.

But whatever the source of fraud, consumer advocates and privacy lobbyists agree that identity theft has exploded in recent years. Beth Givens, executive director of the San Diego-based Privacy Rights Clearinghouse, estimates that there will be more than half a million cases of identity fraud this year, including stolen Social Security numbers, co-opted credit cards and forged checks.

Some federal law enforcement officials consider it the fastest-growing financial crime. The Social Security Administration received 7,867 complaints of misused numbers in 1997, nearly 11,000 complaints in 1998 and more than 30,000 in 1999.

But if the Internet isn't the fount of fraud, it's certainly brought it to the surface. In one famous incident last year, a stalker killed Amy Boyer of New Hampshire after buying her Social Security number off the Internet for $45 and using it to get more of her personal information. The tragedy spurred Congress to act. At least half a dozen bills have been proposed in the House and Senate to curtail the public availability and illegal use of Social Security numbers, but only one has a good chance at passing.

Sen. Judd Gregg (R-N.H.) sponsored a bill dubbed the "Amy Boyer Law," which would prohibit the sale of Social Security numbers, including selling them through the Internet. As chairman of the Senate's Commerce, Justice, State and Judiciary Appropriations Subcommittee, Gregg is the point man for writing a must-pass bill funding the Justice and State Departments; he attached the Social Security number plan to that legislation. It is expected to clear the Senate in September.

"Banks, health insurance companies, schools and employers often identify consumers" with Social Security numbers, Gregg said in May when he introduced his bill. "We need to find ways to ensure that people's privacy and safety is protected by ensuring that the Social Security number, which is issued by the federal government, is not used to reveal to criminals personal and financial information about our citizens."

Industry groups, though, want private industry to be given a chance to propose a solution to identity theft.

"A better approach is not to pass anything this year," says John J. Byrne, senior counsel and compliance manager for the American Bankers Association. "I think this is a time when you need to step back, take a deep breath and ask, 'What are the goals?' To rush to try to do this before this year is over would be a mistake."

But the U.S. Public Interest Research Group believes the proposal is already riddled with too many exemptions for businesses. For example, the legislation would not affect the nation's credit bureaus - Equifax (EFX) , Experian and Trans Union.

The three companies each store the bill-paying and bankruptcy histories of roughly 180 million consumers and use Social Security numbers to confirm identifications. Banks, credit card companies and other issuers buy 600 million reports annually to ferret out customers with bad credit.

Indeed, financial interests might see Gregg's approach as a saving grace in the long run. The other proposals privacy advocates are pushing go much further than the Amy Boyer Law. But for Ramirez, any legislation will come too late. The family physician in San Diego still frets over his situation.

"You have no protection whatsoever," Ramirez says. "You're the only one who can control [your protection], and you have to be paranoid."

Insulate your PC from hackers
August 10, 2000
Brightmail releases anti-virus, anti-spam software
August 10, 2000
Erase your trail with Internet Cleanup
August 2, 2000
'Internet hotels' threaten to sap Europe's power supply
August 1, 2000

Net enables global crime sprees
Michigan targets Internet crimes against kids
Stolen laptop sparks anti-theft technology
Visa issues 10 'commandments' for online merchants
Who's holding your money?
Dispute sparked on Internet retail fraud
Online shoppers beware

Identity theft resources

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.