The Federal Trade Commission today told the Senate Judiciary Committee Subcommittee on Terrorism, Technology, and Homeland Security that “the government and the private sector must continue to work together to reduce the opportunities for thieves to obtain consumers’ personal information and make it more difficult for thieves to misuse that information if they obtain it.” Lydia Parnes, Director of the FTC’s Bureau of Consumer Protection, said government and the business community should evaluate whether they need to collect and maintain the data they have about consumers, better-protect the data that they do possess, and develop better ways to authenticate customers to keep identity thieves from using the information they steal.
According to the testimony, “A recent Wall Street Journal/Harris Interactive survey, for example, found that, as a result of fears about protecting their identities, 30 percent of consumers polled were limiting their online purchases, and 24 percent were cutting back on their online banking.”
The testimony notes that “since 2001, the Commission has brought fourteen cases challenging businesses that failed to reasonably protect sensitive consumer information that they maintained. . . . Together, the cases stand for the proposition that companies should maintain reasonable and appropriate measures to protect sensitive consumer information.”
The testimony notes that the FTC has participated in an Identity Theft Task Force established by the President to develop a comprehensive national strategy to combat identity theft. FTC Chairman Deborah Platt Majoras serves as the Task Force’s co-chair. A set of interim recommendations in the areas of prevention, victim assistance, and law enforcement “have been implemented or are in the process of being implemented.” In addition, the Task Force is reviewing approximately 150 comments and recommendations received from consumer advocacy groups, trade associations and identity theft victims in preparation of a final strategic plan and recommendations.
“The Commission receives about 15,000 to 20,000 contacts each week on how to recover from identity theft or how to avoid becoming a victim in the first place,” the testimony states. “The Commission has undertaken substantial efforts to increase consumer and business awareness of the importance of protecting data and taking other steps to prevent identity theft.” An identity theft “primer” developed by the agency is available in print and at FTC.gov. The agency has distributed more than two million copies and there have been more than 2.4 million visits to the Web version. In addition, the agency has developed a consumer education piece, “Avoid ID Theft: Deter, Detect, Defend,” and a training kit that can be used by businesses, community groups and others to educate consumers about identity theft. “The Commission has distributed over 1.5 million brochures and 40,000 kits to date,” it states.
The testimony notes that misuse of consumers’ social security numbers can facilitate identity theft. “The challenge is to find the proper balance between the necessity of keeping SSNs out of the hands of identity thieves, while giving businesses and government sufficient means to match information to the correct person.”
“Preventing the misuse of SSNs, therefore, can follow two paths,” the testimony states. “First, the unnecessary use and disclosure of SSNs as an identifier can be reduced. The Identity Theft Task Force is working toward this goal.”
“Second, to prevent misuse of SSNs, improved methods of authenticating consumers can be promoted so that, even if the SSN falls into the hands of an identity thief, that SSN is less valuable.” The FTC will host an authentication workshop on April 23 and 24, 2007.
“The Commission will continue and strengthen its law enforcement efforts, as well as its education and outreach to guide and empower businesses and consumers to fight back against identity theft,” the testimony states.
The Commission vote to approve the testimony was 5-0.