FTC urges Congress to step up identity theft protections
|June 16, 2005|
Touts cross-border fraud legislation
The Federal Trade Commission today told Congress it should consider extending security protections for sensitive consumer data and requiring that companies that possess such data notify consumers when they are victims of security breaches that could result in identity theft.
In testimony on data breaches and identity theft to the Senate Committee on Commerce, Science and Transportation, FTC Chairman Deborah Platt Majoras said that recent security breaches of data brokers and other companies that collect or maintain sensitive personal information are prompting the Commission and Congress to assess the need for new legal requirements for those who possess sensitive data.
The testimony notes that laws and regulations are in place that address the security of, and access to, sensitive information maintained by credit bureaus, those who use credit reports, and businesses that engage in certain financial-related activities.
"The Commission's Safeguards Rule requires financial institutions to implement reasonable physical, technical, and procedural safeguards to protect customer information. It does not cover many other entities that may also collect, maintain and transfer or sell sensitive consumer information," the testimony states.
The testimony also notes that "many have raised concerns about misuse of Social Security numbers. It is critical to remember that Social Security numbers are vital to current information flows in the granting and use of credit and provision of financial services." The Commission stated that "Ultimately, what is required is to distinguish between legitimate and illegitimate collection, uses, and transfers of Social Security numbers."
The testimony notes that globalization of the marketplace has had the effect of increasing the amount of sensitive consumer information that goes to offshore databases.
"Accordingly, the Commission needs new tools to investigate whether companies are complying with U.S. legal requirements to maintain the security of this information, and cross-border fraud legislation would give the Commission these tools," the testimony says.
Cross-border fraud legislation also would ease restrictions on U.S. law enforcers investigating foreign businesses. "For example, if the FTC and a foreign consumer protection agency are investigating a foreign business for conduct that violates both U.S. law and the foreign country's law, current law does not authorize the Commission to share investigative information with the foreign consumer protection agency, even if such sharing would further our own investigation." The agency urged Congress to enact the cross-border fraud legislation.
The Commission vote to approve the testimony was 5-0.
Copyright 2005 Inman News