Home Community Subscribe Advertise Contact

HOUSE - Reprints


Click Here to Return to the SDB Homepage
Homepage Magazine Resources News Events Community Newsletters

Click Here to Login to MySDB!


SSI

REB Storage Systems

Shred-Tech

Excel Storage Products

Andrews Software Inc.

Veco Plan LLC





Oswald Companies

Storage & Destruction Business Magazine » News »

TraceSecurity Criticizes Proposed Federal ID Theft Legislation

 
10/27/2005
Print This Story E-Mail This Story Save This Story

 

TraceSecurity, a provider of security compliance software and services headquartered in Baton Rouge, has criticized the proposed federal identity theft legislation, saying its executives have noticed certain flaws in the bill.

 

According to a press release from the company, TraceSecurity executives had been invited to Washington twice in 2005 to review the Specter-Leahy Personal Data Privacy and Security Act of 2005 and Sen. Diane Feinstein’s Database Security Breach Notification Act of 2005.

 

TraceSecurity executives claim to have spotted a number of issues that undermine the effectiveness of the Specter-Leahy bill.

 

“Proposed federal ID theft legislation lacks the teeth and understanding necessary to prevent future identity theft incidents from occurring,” says Jim Stickley, chief technology officer and head of social engineering for TraceSecurity. “The fact that financial institutions will not even be effected by this bill is ridiculous.”

 

The bill was introduced during the summer of 2005 by Sen. Arlen Specter, R-Pa., and Sen. Patrick Leahy, D-Vt.

 

Key features of the bill include:

 

  • Increasing criminal penalties for identity theft involving electronic personal data.
  • Giving individuals access to, and the opportunity to correct, any personal information held by data brokers.
  • Requiring entities that maintain personal data to establish internal policies that protect such data and vet third-parties they hire to process that data.
  • Requiring entities that maintain personal data to give notice to individuals and law enforcement when they experience a breach involving sensitive personal data.
  • Limits the buying, selling or displaying of a social security number without consent from the individual whose number it is, prohibits companies from requiring individuals to use social security numbers as their account numbers and places limits on when companies can force individuals to turn over those numbers in order to obtain goods or services, and bars government agencies from posting public records that contain Social Security numbers on the Internet.
  • Requiring the government to establish rules protecting privacy and security when it uses data broker information, to conduct audits of government contracts with data brokers and impose penalties on government contractors that fail to meet data privacy and security requirements.

 

After objections were raised last week by senators from Chairman Specter's own party regarding the impact of his bill, the Specter-Leahy Personal Data Privacy and Security Act Of 2005 was postponed until further discussion. The bill is in response to numerous highly publicized identity theft incidents that have exposed major vulnerabilities in the protection of consumers’ personally identifiable information such as social security numbers, credit card numbers, bank account numbers, etc.

 

“I think it's great that Congress is involved and trying to pass a bill that will better protect consumers and businesses alike from identity theft,” says Stickley. “The problem is that the Leahy-Specter bill will have as little of effect as the Anti-Spam bill passed a few years back.”

Thursday, October 27, 2005

Post your comments on this story on the Storage & Destruction Business Message Board

HOUSE - E-News
Allegheny Paper Shredders


© 1997-2009, GIE Media, Inc. All rights reserved. Privacy Policy and Terms and Conditions