Identity Theft

This post sort of follows on from my musings on Pownce, and the relative (in)utility of the current glut of social networking "services".

Received any Spock trust invitations lately?

Spock, a self-described “people search application that allows you to see what your friends and colleagues are doing on the web”, could potentially tell us something about the future of metasearch engines—those clunky crawlers that tried, and mostly failed, to bridge the gap between structured web directories like Dmoz, and the chaotic openness of Google’s PageRank™ technology. Although its interface design, a web-2.0-ified “Google Classic Home”, is so trendy that I’m afraid it’s already terribly dated.

On December 10 and 11, 2007, the Federal Trade Commission will host a public workshop, “Security in Numbers: SSNs and ID Theft,” to explore the uses of Social Security numbers in the private sector and the role of SSNs in identity theft.  This workshop continues the work of the President’s Identity Theft Task Force, and, in particular, its recommendation to explore ways to reduce unnecessary uses of the SSN. 

The workshop will provide a forum for public-sector, private-sector, and consumer representatives to discuss the various uses of SSNs by the private sector, the necessity of those uses, alternatives available, the challenges faced by the private sector in moving away from using SSNs, and how SSNs are obtained and used by identity thieves.  The workshop will be free and open to the public.

For more information, visit http://www.ftc.gov/bcp/workshops/ssn/index.shtml

The Federal Trade Commission (FTC) has announced that it is seeking comments on the use of Social Security Numbers (SSNs) in the private sector. This inquiry is in response to a recommendation in the President’s Identity Theft Task Force Strategic Plan that called for the development of a comprehensive record on the uses of the SSN in the private sector and evaluate the necessity of those uses.

Similar to love, identity theft can occur when you least expect it! When that hot guy or girl in the coffee shop starts flirting...it could be more than just your heart at stake!

This PSA was inspired by a winning submission for the 2007 Computer Security Awareness Video Contest, which was organized by the EDUCAUSE/Internet2 Computer and Network Security Task Force, in cooperation with ResearchChannel, and sponsored by the National Cyber Security Alliance.

View or download this year's winning videos. And don't forget to check out the 2006 winners.

The Government Accountability Office (GAO) has released a Report on Data Breaches that concludes while "breaches of sensitive information have occurred frequently and under widely varying circumstances, . . . the extent to which data breaches have resulted in identity theft is not well known." It further concludes that "should Congress choose to enact a federal notification requirement, use of a risk-based standard could avoid undue burden on organizations and unnecessary and counterproductive notifications of breaches that present little risk."

Some further higher education references in the report:

In this 55 minute podcast, we present a general session from the EDUCAUSE 2007 Policy Conference entitled, “Security Breaches and Identity Theft”. This is a panel discussion moderated by EDUCAUSE Government Relations Officer and Security Task Force Coordinator, Rodney Peterson. The discussion features: 

Michael Atleson, Attorney, Division of Privacy and Identity Protection, Federal Trade Commission

Liz Gasster, General Counsel and Acting Executive Director of the Cyber Security Industry Alliance

On March 21, 2007, Jim Davis (Associate Vice Chancellor and Chief Information Officer at the University of California, Los Angeles) appeared before the United States Senate Judiciary Committee's Subcommittee on Terrorism, Technology and Homeland Security Committee to provide his testimony during a hearing on "Identity Theft: Innovative Solutions for an Evolving Problem".

In this one-day seminar, “A Blueprint for Handling Sensitive Data: Security, Privacy, and Other Considerations,” on May 2, 2007, keynote speakers (UPDATED) Rodney J. Petersen, Government Relations Officer and Security Task Force Coordinator, EDUCAUSE, and David Escalante, Director of Computer Policy & Security, Boston College, will outline a blueprint for protecting sensitive data according to the EDUCAUSE/Internet2 Computer and Network Security Task Force. The seminar will be held at Michigan State University in East Lansing. A recent study by the EDUCAUSE Center for Applied Research (ECAR) found that campus security incidents compromised personal information, leading to bad publicity and the potential for identity theft. This seminar will address the steps necessary to protect sensitive data, which include implementing an information security risk management program, data-classification policies, awareness programs, and technology solutions, as well as clearly defining roles and responsibilities.

Tune in August 16 to hear from the FTC's Nat Wood about how you can protect yourself from identity theft and make presentations to your community. Unable to tune in? Listen later by visiting the archives.

The Guardian is carryingan article by Steve Boggan on how insecure airline passenger'sdetails are. He paints the US government as the principal underminerof the privacy and security of the individual's information, but Iimagine that a number of organisations on this side of the Atlanticfind access to the information very useful too.