Based on my own personal observations and experiences, most of us don’t think about invasions of personal privacy until something bad happens. For example: you learn that your personally identifiable information (name, address, date-of-birth and Social Security number etc.) has been stolen by identity thieves and is now being used to fraudulently obtain goods and services half way across the country using your good name and credit.
But the reality is that we all suffer invasions of personal privacy on a daily basis. It’s just that we don’t know it.
Regrettably, existing laws governing our privacy and personal data protection are woefully inadequate and far too open to interpretation by private companies specializing in both the collection and sale of public and non-public record information on each and every man, woman and child living in America today.
Add to that list: social network firms collecting and storing information on nearly every facet of a consumers life, advertising networks tracking consumers as they browse the Internet, and both private and government owned camera networks collecting biometric data through the use of facial recognition technology in our cities, highways and malls and very soon it becomes apparent that our lives are perhaps not as private as they once were.
How did we get here? Simple answer; advancements in computer technology coupled with significantly enhanced data storage capabilities which now permit big data organizations including consumer reporting agencies, data brokers and marketing firms to acquire vast amounts of information from multiple sources surreptitiously on virtually all American consumers without their knowledge or consent.
It’s a fact of life that every day hundreds of private companies across America (including those which falsely suggest that they operate within the auspice of the The Fair Credit Reporting Act or FCRA) update their files on each and every one of us with information collected from so called contributors.
While it’s hard to pin down exactly which businesses, organizations and government agencies directly or in-directly contribute information to data brokers and other consumer data traffickers, evidence points to auto dealerships sales and service departments, cable TV and satellite companies, county government agencies, insurance companies, magazine subscription services, money transfer and bill paying agents, online retailers, pharmacies, state Department of Motor Vehicle offices, supermarkets, telephone companies (both land line, mobile and VOP) and utility companies providing electric, gas and water services to consumers.
In many instances, this information includes updates and/or confirmation of such personal details as present address, employment or school location, mobile and/or land line phone numbers (including work and non-published numbers) automobiles owned or driven, recent subscriptions and purchases, utility company payments and even personal financial data including non-traditional credit history, utility company account status and recent applications for credit, employment, federal or state benefits, rental accommodation and business or professional licence’s.
Within a matter of hours, updated information received from a contributor is merged onto a consumers exiting file and in-turn made available (for a fee) to practically any business entity, organization or government agency with a perceived permissible purpose interested in you. An email notification may even be sent out if you change your mailing address, phone number or drivers license details or any other pertinent personal information which may be of interest to your creditors including auto loan companies, credit card issuers and home mortgage lenders. Even federal, state or local law enforcement agencies which may have accessed your file in the past.
Needless to say, if you don’t know about the existence, let alone the contents of your personal files, with potentially hundreds of consumer data organizations across America, it can be kind of hard to identify inaccuracies let alone correct them before you are turned down for on an auto loan, home mortgage or perhaps worse rejected for a job based on inaccurate information contained in a report (or behavioral score) furnished along with a copy of your credit report from one of the big three consumer reporting agencies: Equifax, Experian and Trans-Union.
A good example would be the National Consumer Telecom & Utilities Exchange, Inc. (NCTUE), which reportedly collects and provides information to industry members on reportedly 80% of utility customers in America through a contractual arrangement with consumer reporting agency Equifax, Inc.
The fact is, very few consumers are aware of NCTUE’s existence, let alone its activities which includes according to its website, providing information to third parties for the purpose of offering selected consumers with pre-approved offers of credit. In other words, they collect information on how you pay your electric, gas, phone or water bill and amongst other things sell it to third parties without your knowledge or consent.
Switching from the private sector to the public sector, the announcement this past October by the South Carolina Department of Revenue that hackers had accessed millions of taxpayers records including Social Security numbers and employer identification numbers, once again demonstrates how vulnerable we all are to the failings of both elected officials and senior government employees in understanding the concept of protecting citizens (taxpayers) personal data.
Based on news reports, the South Carolina Department of Revenue had no official in charge of overseeing the safety and security of state owned computer systems containing both personal and business tax records due to a lack of candidates for the poorly paid position which I understand had been vacant for quite some time.
While in this case, officials really had no choice but to inform the public owing to the size an magnitude of this data breach by foreign hackers. Based on my own personal observations and experiences, the South Carolina "openness" approach is most definitely the exception rather than the rule when it comes to both federal and state government agencies.
There is perhaps no better example of this than back in the 90’s, when identity thieves operating in Connecticut allegedly acquired thousands of consumer credit reports under false pretenses from one of the big three consumer reporting agencies using bogus law office and debt collection agency credentials. The identity thieves who also operated as unlicensed private investigators cultivated a network of dishonest employees at banks all willing to betray the trust of their employer and the general public by selling private and confidential customer information which included account numbers, daily balances and other detailed transaction history. Interestingly, one of the biggest group of customers for this illicit information was unscrupulous law firms working in the debt collection field seeking to locate debtors personal assets.
Despite the fraudsters obtaining consumer credit reports on thousands of victims spanning well over five years and receiving stolen customer data from some of America’s largest banks, none of the federal, state or local law enforcement authorities made aware of these multiple crimes, bothered to properly investigate the crimes, let alone contact the thousands of identified victims whose personal bank accounts and credit reports had been accessed and used for a variety of unlawful purposes.
To be honest, it is still hard for me to come to terms with the fact that based on my own personal observations and experiences over the past twenty years, that the majority of law makers, policy advisors and senior government officials (which includes employees at branches of the of the US Justice Department and US Treasury Department along with their colleagues at the Social Security Administration) appear to view the subject of personal privacy, consumer data protection and identity fraud prevention as less than a priority.
Today, tomorrow, next week, next month and next year we will all (with a few exceptions) be subjected to invasions of personal privacy by business entities and their agents in most cases which we have never heard of collecting and trafficking in our most personal information. All without our knowledge and consent or the ability to correct errors, omissions or outright falsehoods.
Worse, if this information is stolen as a result of a data breach and used in the commission of a crime, there is every reason to believe that you won’t know about it until it’s too late and the damage has already be done to your credit rating, personal finances or online reputation.
Under the circumstances, it looks like we all live in a world of "all secrecy and no privacy" as we go into 2013.
To be continued...