Well ask Evan Hendricks and stuart pratt both experts in the collection and usage of information. Gentlemen, we will co. Is the average person aware of how much welcome. The average person aware of how much data is obtainable by the internet . Stuart pratt . Uhoh, john, i think the lead for the show speaks volumes about how society and our lives have changed, the ability to going lg ourselves, to see what is on the internet is something that tens of millions. You want information it would be the shoe leather factor, you have to retain a private eye, he would have to be hiding behind lampposts and try to get into files now. Now its at your finger tips. I dont think thats quite true theres some information on the intet net that is easy to get but theres a l readily available through a browser on the internet. Where do you start . You start by going lg . Googling . I ask you Evan Hendricks. Thats the easy thing. But if you pull out your wallet and start buying things, theres no way anyone can realize how much information is available, the property records, divorce records. Bank records. The googling process will give you names, date of birth, place of birth, mothers maiden name. Sometimes, yes. If its listed on at genology page by a relative who loves that. Is that the extent of the data . It depends on what has been put out about us on those web sites. Sometimes if you look at the what the kids are doing with space books they are loading personal information on web sites. All that depends. We need to understand there are central repositories that have this information. Lets talk about this i ntelius, do i have that correctly . Does it examine every Public Record on a person for a fee whether its local government or federal government or State Government . Its one of Many Companies that their business is going to all those Public Records, which were created by taxpayers by the way, putting the information in their own private companies and computers and selling it. This is what i have that theyll deliver for you for 29. 95 or if you want a full write up for 49. 95. It will give you up to ten prior addresses and phone numbers for the individual, a maiden name, the age, the current name, the relatives, the roommates, the neighbors thats the beginning dossier. If you go further to the larger one you can examine thousands of private records including any criminal records, any arrests and any jurisdiction no matter how small throughout entire country. Isnt that quite incredible . Well, it is incredible. But i think evan said it just right. A lot of these are Public Records. John, we are in the middle of, i think, a debate about the extent of the availability of Public Records. I guess really the question is what kind of Public Records should remain absolutely public. Keep in mind that a Public Record is fundamental to our democratic ideals. It isnt about pulling data back and saying it should be under the control of government. How about judgments or how about divorce records . Or how about lawsuits . How about tax liens . These are all available. They are. And you can get it through this particular web site. The value of your home, facts about the home, Small Claims Court rulings, bankruptcies. All public information. And flagstaff there is good and there is good reason for it being public information. What has changed is where it used to be in a dusty filing cabinet in a kraus, now courthouse, now its in a database and anybody can get it provide they pay a fee. The Public Companies yank it out of the public ground and theres a fundamental consistency of inaccurate data through the records. You could be judged on information that is not entirely accurate. Isnt it an invitation to stalking and Identity Theft . Lets take a couple of exams, criminal histories. He is right, they used to sit in a dusty file drawer. The problem was the Daycare Center couldnt find the pedophile record in the dusty file drawer. When you make it national you allow an employer to make sure we know the kind of employee that were putting in a position of great responsibility. Thats a good outcome. If you were going to form a liaison, a partership with a Business Partner you would want to know. Absolutely. And it would certainly be a legitimate problem. There are lawyers, of course turn immediately to this to find out about their client or who is testifying against them and its a rich resource. Journalists examine their sources frequently by going to the net. Im not sure they want to i dont know many journalist whos want to shel out 49. 95. They probably poke around for a couple of hours. But the open sesame, the golden key is the Social Security number. The Social Security number is the first tool of choice if you want to unlock someones files and its the first tool of choice for an identity theevment ate loves the thief to get credit in the name of the innocent victim. There are ways for a reasonableibly reasonabley clever money maker, that is, someone who wants to make money its called phishing. Thats sends out emails, is that correct . Were educating consumers. More consumers are learning not to respond to an email saying reenter your password. Or a bank account perhaps. I want to go to the Social Security number. We believe that an s. S. N. Is a sensitive item of information and we believe it should be controlled under a security program. The idea that the Social Security number is somehow out on the internet without control, available to the general public so that you and i can look at each others Social Security numbers thats not where we want to be. Or used as a student identifier at a university, bad idea, video stores, bad idea. We need to rollback uses of it. What about using your inteshal Revenue Service number. Wouldnt that be a good identifier to substitute for Social Security and have extremely limited opening of the safe, so to speak, the privacy safe value, or you could use your e. I. N. Nurks employee identification number. Wouldnt that be better . If you have a specific number and they cant use it for other purposes, yes, that would be a step forward. Evan mentioned socials and accuracy. He talked about accuracy of databases. One of the reasons the Social Security is used in protected database its that we have 40 Million Consumers who move every year in this country. We have three million last names that change due to marriage and divorce. Theres a lot of things that change about us. There are databases that consequential like a Credit Report where accuracy is paramount and where a Social Security is part of the building block. A Credit Report isnt available through the google search. Its controlled under a law called the fair Credit Reporting act. People dont seem to be bothered about giving up personal information. You have match. Com it has 50 million subscribers. This is a data service. Are you familiar with this . Absolutely. Evan i dont want you to commit to saying something you dont want to say, but have you seen it . Yes. If uconn sent to it theres no invasion of privacy because uconn sent to it. You mean anticipation of reward. Absolutely. That would apply to contests or giveaways. Or going on the Jerry Springer show. You would consent to match. Com with a idea of finding a friendly mate a psychological profile of yourself . Maybe. The world were starting to live in now that begs the question, when and where should i put that kind of information out. Google by the way. Myspace. Com its a favorite of students. It is. What about google . I think consumers are learning through Search Engines that where i put personal information on to a page of a web site, that information can be found and brought forward in a search. I think that more consumers should understand that because we should take care and protect sensitive personal information about us. That is something we can do and over time we can become more educated. Were going to get to this question right now, and or in a moment, and that is at government, the role of the government, particularly, is there a zone that the government could prescribe that a a hacker or a corporation, a corporate hacker, could not get into . It would be zoned off and if you did get into it, you would be were joined on the telephone by chairman cliff stearns, chairman of the commerce, trade and Consumer Protection panel of the United States house of representatives. I would welcome the chairman by notifying him we are here on the set and stuart pratt is with us. He is the president and c. E. O. Of consumer data industry association. Can you give me some idea, can you volumize how much data is in your association, by the way, stuart . We represent a lot of different models, Consumer Credit associations. How many. They have probably 250 million Credit Reports and were updating four billion Data Elements a month. Thats a sizable amount, is it not, Evan Hendricks who is editor and publisher of privacy times. By the way he has written this great book, a great read. Named book of the month. Credit scores and Credit Reports, how the system work and what you can do. Do you want to comment about anything he has said . Information about Social Security very valuable. One of the tough things about sit that we dont own data about us. When Companies Like stuart collects it, they own our names, we dont own them thats why they can traffic in our names. When you own a volume of data you can sell it for a subs shal commercial reward. Its an extremely lucrative business. We have the chairman who was patiently waiting while i introduced the guests at the table. Can you tell us what the u. S. Government doing is in this general area . Perhaps a lot of people will remember that choicepoint had a type of breach and lexisnexis also did as well as lots of people. Tell us about. I could list the number of people but the bottom line is these breaches mean that peoples personal identifiable information is made public and thieves could use it for predatory purposes. One thing that was not mentioned in the discussion i heard you folks talk about was credit cards. A lot of these credit cards are being the information is being sold to someone, he uses it for his own benefit, he or she, and lots of times it could be used for nef fairous purposes which goes to some of the concerns we have with the war on terrorism, a lot of people could take credit cards and use it to buy things before you stop it. Now, near congress, we have a bill that passed out of my subcommittee called its h. R. 4127, its called the data accountability and trust act. I dont think most americans realize this but right now theres only a few states that have rules requiring security for personal information, that is, rules that have been standardized, and take into account the size, nature and scope of persons activity, the state of technology, and the entire cost implementing the security procedures. Some firms are not spending very much money and others are. This bill that i have passed out in the subcommittee is basically going to establish the rules through the federal trade commission and then were going to put in penalties in the cases of breaches of information. Were going to have audits by the f. T. C. On information broker security. We put together a whole list of things that these Companies Must do in the event theres a breach. That is something that the state of california has already done. And they are to be commended. The bill that i have is patterned a little bit after california, but if you have 50 states with 50 different laws its going to be difficult for the Security Companies to comply adequately. So were putting in a federal standard which we think will be stronger than the states and well have protection for the sensitive information. Isnt it true that corporations have made advances for the private sector in collecting information than does the u. S. Government . Arent state gofertz the u. S. Government the u. S. Government requires a warrant for some kinds of information, does it not, whereas, what it does to evade that, we hear, for example, the pentagon which has an enormous snoop potential i dont mean to use that word in a bad sense, but lets say monitoring potential, and all college students, i believe, are said to be within the per view of the pentagon. Thats obtained through a contract that the pentagon issues with, i guess, choicepoint . Its a different private company but they are basically trying to compile records on students so they can reach out to them and recruit them into the military. What do you think of the pentagon having dossiers on every young person in america, mr. Chairman . I havent heard that honestly. Its obviously a huge task and i dont think its being done in the light that you are talking about. I think they are probably trying to identify those individuals that would be a high risk in terms of potential terror to this country, and i think thats what they are concentrating on. I dont think they are going to the average student and developing a dossier. I their doing a scan mechanism to find out is this particular student a u. S. Citizen . Is he a student from a country which is hos aisle or wants to indicate or has a past history of trying to hurt the United States . Those the students they probably should watch carefully. Is it engaged in domestic spying with undercover intelligence agencies, spying on churches, antibush political organizations and war protests . Didnt we have a story on that in the press not too long ago. Nbc. Nbc. You dont see your legislation as curk any department or bureau or agency of the u. S. Government is that correct . Thats correct. This is going to the private industry and ultimately to government in how they keep this very sensitivementunt of information on persons activities and requires for the first time to identify to the person in the event theres a breach so youll get a notification that if choicepoint or lexisnexis or bank of america had a breach as well as banks, timewarner. Ive have lists of companies that have had breaches. In some case its not a breach that matters because the information is encrypted so it wont hurt anybody n. Other cases its pretty transparent and we need to have rules in place that the individuals be notified and more importantly that security is in place in the corporations to protect itn a manner that is reputable. Im not making the pentagon into a whipping boy, but i have discovered when i what i said earlier, it was revealed last year that the pentagon had amassed a database including antiwar protesters which poses, some believe, a great throat our privacy by the pentagon that perhaps the f. B. I. The program is called talon. Does that cross your jurisdiction or your desk . No, it has not. The that the pentagon is pretty much under the Armed Services committee or the appropriation commit dwlee deals with Fund Committee that deals with funding for the Armed Services which is the pentagon. But i suspect that after 9 11 there has been a hyped up intelligence source. My colleague porter gos who goss, who took over the c. I. A. , i have talked to him. Theres a heightened thought of what to do because of potential terrorism. Have you heard about the n. S. A. We know about the warrantless eaves dropping and the flap over that. The president seems to not only successfully not been hurt by it, but he comes out a winner because the congress has come away from it because they dont want to appear soft on security. But the n. S. A. , it is said, put cookies on those computers that inquierd into the n. S. A. Have you heard anything about that . No, i know its cookies are put on my computer all the time. Its not only cookies we had a bill dealing with the spyware and that has not passed. Do you think that the federal government is doing enough with this new phenomenon where a persons identity cannot only be penetrated and exhausted but also stolen . I think the government does not have in place the legislation. This bill has not passed that i have. We dont have the bill in place dealing with pretexting, protecting information from your cell phone. And i think the government has to pass these and we must get through the political donny brook and pass these. I dont think the federal government is doing enough and im hoping this bill and mineac. That is something that the bio metric identification means that you stand in front of an instrument and you open your eye and the instrument reads your eye and your receipt in a is retina is yours and no one elses and that goes on a card. With that card is the listing of your life, whether or not you have felonies or misdemeanor arrests or whatever how much money you owe or whatever is necessary to clear you. This identification, for example, instead of focusing on things when you go through a screener in the apartment you are folk airport, you are focusing on people. The likelihood that they are terrorists. Does this play any role in what were talking about here today, bio metrics . It assumes that you are going to appear before a machine and we really dont want that if were placing a telephone call from a from a magazine that has a listing of something that we want to buy. Do you follow me . I dont think t t amemecan people are going to embrace the idea of a holistic card that has all information about me in one single place including a bio metric. Youll find services where i have access to a building because i need access. Security clearing. I dont think youll see the American People going all the way down there. If its a telephone you cant make it function. You cant produce the card. The card will not be recognizable over the phone. Am i right about that . What about an Identity Card that is being advocated by some members of the congress. Theres danger theres as there are with biometrics because that still depends on software to translate it through computers. The software can be spooked. If we think biometrics are the Silver Bullet and people can steal identify that will make it worse. Theres much better ways of this than the Silver Bullet. If that sense wed be with evan. If you are going down the road, you better do it responsibly. We need the ark tech tou you know who Scott Mcneely is at microsystems . Is he a member of youour organization or this company . He is not. He said this in reason magazine, a libertarian magazine, you have zero privacy anyway. Get over it. That was his quote in 2004. What is what is corporate snooping today . We dont see what were doing as snooping. Let me give you a couple of examples. When we when our members compile a criminal history record of an individual, its for employment purposes regulared regulated under the fair Credit Reporting act. Its regulated under federal law and bounded by federal law. We like. That i would also tell you another example, Credit Reports. Credit reports vouch for me. I get my loan. I get my student loans. I buy my house. I buy my cars. I live my life here in the United States because a Credit Report vouches for me even though a lender has never met me before. Sometimes i think we dont see the benefit of the information built into the databases. Let me talk about theres a fundamental corporate snooping which is that Companies Like choicepoint will keep records on us and they wont even let us get access to information about us so we can see if its accurate or not accurate. Basically they are keeping secret record systems and that is snooping that is just not consistent with american tradition and something we have to bring an end to. Corporations sell those records when they amass the dossiers. They not only sell them but they can sell them to the government for investigative purposes and surveillance purposes. Corporate profit. Absolutely. Our members are not in the dossier business. Our members are. Even Scott Mcneely if i could sit with him and asking questions he would say thats private im not going to tell you. Have you heard of axciom . What is it . I understand they have 1. 6 billion names, addresses, phone numbers and other personal information that a junk mail marketer tried to download after a computer server in 2002 and 2003. Does d that hacker succeed . Did he not succeed. He got the data and used it for junk mailg. Somebody got call. That is ultimately the most important thing for us, evan. Theres consequences to the actions. They are a Successful Company that provides Market Services for american businesses. It provides Employment Screening Services for american businesses. When 9 11 hit they hired wesley clark to go to the government to sell their services to the government. Thats an example of this wall crumbling. We have no time for this but give me an examine. Medical record keeping. If you are in australia and you fall down and nobody knows you keel over and nobody knows what your record is, they dont have to call your wife or children to find out where it is and on and on. While you pass out they press a button with what they find in your wallet and they can find your medical information. Its great. I think medical information when fair information practices are applied to it could benefit consumers. Do the pluses outweigh the minuses . It depends. Good uses of information are good and bad uses are bad. Thank you very much. Its a big issue and
comparemela.com © 2020. All Rights Reserved.