Thursday, January 26, 2006 - The Progress & Freedom Foundation Blog

ChoicePoint Pays the Price

Kudos to the FTC for its announced multimillion dollar settlement today with ChoicePoint. (I'd use language so often seen in press releases and say "I applaud the FTC" but as I'm typing it's impossible for me to applaud.) ChoicePoint allowed the personal records of 163,000 consumers to be compromised, and the FTC says at least 800 identity theft cases resulted from that action. In the settlement, ChoicePoint will have to pay $10 million in civil penalties and another $5 million for consumer redress.

If you read through the case the FTC made against ChoicePoint, what you see is a company that chose not to prioritize the protection of consumer data. The free flow of information drives our economy, and our society. We can't expect personally identifiable data to be kept to ourselves, not if we want instant credit and all the other benefits that come from living in an information society. But we as consumers can expect that those entities entrusted with our information -- whether directly or via a third party -- take strong measures to protect that information, and don't mislead consumers or government officials regarding their privacy and security policies.

Identity theft is a red-hot issue right now, and about a half-dozen congressional committees are scrambling to be the ones to tell their constituents that they've written the silver-bullet legislation that will make this all go away. Rushing a new law out the door is rarely the right response to a problem, but there is a problem. Consumers believe there is, as poll after poll demonstrates, and if consumers are concerned and altering their behavior accordingly, that impacts e-commerce and the larger economy.

PFF is lucky to have former FTC Commissioner Orson Swindle on board here -- someone who thinks very little of ChoicePoint's actions -- and we'll have more to say on data security soon in a Progress on Point. In the meantime, let's remember that while everyone clamors to find something new to enact to address identity theft, a federal agency already is addressing it.

posted by Patrick Ross @ 3:14 PM | Capitol Hill , E-commerce , Privacy , The FTC