If this is old news, let me know immediatlely, and I shall gracefully delete this. On the front page of the online USAToday (I know, lousy paper), there is
an article about a new Republican Bill to pass a federalized standard for the freezing of personal credit lines. Instead of being able to simply freeze ones credit in the event that identity theft is feared, one would have to PROVE that a loss had occurred.
"It's like telling someone you can't put a deadbolt on your front door until after you've been burglarized," says Washington state Attorney General Rob McKenna.
Here's a letter dated months ago
imploring Congress to rethink the bill.
MORE-->
"The trigger for notification would leave consumers uninformed in many instances when personal information has been breached"
Companies will not be required to notify the consumer of possible identity theft unless there has been or is likely to be "substantial harm or inconvenience" in the form of material financial loss. Companies will not go out of their way to define this vague "rule" in such a way that burdens themselves.
"The freeze applies to victims only, yet the bill overturns state laws that give everyone the right to place a freeze.
It is pointed out that, if you are informed that your Social Security number has been compromised, you will NOT be able to freeze new credit lines from openning until AFTER one has, in fact, been openned. A few years ago, I was shocked to find out the I had a $13000 credit line openned in Los Angeles, a city I'd never visited. I had just closed on a house in NC, so the company HAD to wonder how I was openning credit at a second address in CA. Insane! Luckily, it had not been used during the 9 months it was openned.
More horrors are discussed in that open letter, but you can get a fairly good idea of how bad this bill will be for consumers. I wonder how this will be painted as "good" for most Americans.
Republican Steve Tourette, from Ohio, is the bill's co-author. He says that credit freezes must be held in check to keep the financial system from unraveling.
"Even the simplest process of buying groceries with your credit or debit card will break down if we allow a patchwork of competing and conflicting state laws," he says.
Ah, yes. Everyone can see how out of control these 'simplest processes' have become lately, best shore up the credit industry and federalize standards for identity theft notification! Great thinking.
Another part of the provision, aside from the initial PROOF that a misuse has already happened, will include the necessity of a police report before credit can be frozen. Another obstacle. I've been lucky enough to have never filed a police report, and I wouldn't know exactly how to go about it. Many are less clever than even me (heh!). Clearly, the credit industry will be make more money if every identity theft leads to at least a single illicit purchase before being caught. And it's OBVIOUS that the victim will be pressured to repay these losses. If ALL their ducks are not in a row before MULTIPLE illegal uses occur, they'll end up screwed.
I'm no banking expert, but this seems completely irrational.
MORE: From the bill itself,
"SAFEGUARD FACTORS- In determining the likelihood of a data security breach, a consumer reporter may consider whether the information subject to the potential breach is unusable because it is encrypted, redacted, requires technology to use that is not generally commercially available, or has otherwise similarly been rendered unreadable.
So, Equinox gets to decide if the breach is worthy of reporting to the consumer based on a completely subjective decision of the information's "usability". NICE STANDARD!
MORE: You won't be able to sue them if they lose your information, as long as they're TRYING not to:
`(3) JOINT RULEMAKING FOR SAFE HARBOR- In accordance with subsection (j), the Secretary of the Treasury, the Board of Governors of the Federal Reserve System, and the Commission shall jointly develop standards and guidelines, which shall be issued by all functional regulatory agencies, that, in any case in which--
`(A) free file monitoring is offered under paragraph (1) to a consumer;
`(B) subsequent to the offer, another party misuses sensitive financial identity information on the consumer obtained through the breach of data security (that gave rise to such offer) to commit identity theft against the consumer; and
`(C) at the time of such breach the consumer reporter met the requirements of subsections (a) and (d),
exempts the consumer reporter from any liability for any harm to the consumer resulting from such misuse, other than any direct pecuniary loss or loss pursuant to agreement by the consumer reporter, except that nothing in this paragraph shall be construed as creating any inference with respect to the establishment or existence of any such liability.
subsections (a) and (d) are vague sections saying that consumer reporting companies have the obligation to ATTEMPT to protect our info and to ATTEMPT to close loopholes that allow breaches. So, as long as they weren't just POSTING your SS# on a bathroom wall, they're not liable. Too bad.