Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

Social Security Numbers: OMB and Federal Efforts to Reduce Collection, Use, and Display

Social Security Numbers: OMB and Federal Efforts to Reduce Collection, Use, and Display, GAO-17-655T: Published: May 23, 2017. Publicly Released: May 23, 2017

In its draft report, GAO noted that several governmentwide initiatives aimed at eliminating the unnecessary collection, use, and display of Social Security numbers (SSN) have been underway in response to recommendations that the presidentially appointed Identity Theft Task Force made in 2007 to the Office of Personnel Management (OPM), the Office of Management and Budget (OMB), and the Social Security Administration (SSA). However, these initiatives have had limited success. In 2008, OPM proposed a new regulation requiring the use of an alternate federal employee identifier but withdrew its proposed regulation because no such identifier was available. OMB required agencies to develop SSN reduction plans and continues to require annual reporting on SSN reduction efforts. SSA developed an online clearinghouse of best practices associated with the reduction of SSN use; however, the clearinghouse is no longer available online. All 24 agencies covered by the Chief Financial Officers (CFO) Act developed SSN reduction plans and reported taking actions to curtail the use and display of the numbers. Nevertheless, in their responses to GAO’s questionnaire and follow-up discussions, the agencies cited impediments to further reductions, including (1) statutes and regulations mandating the collection of SSNs, (2) the use of SSNs in necessary interactions with other federal entities, and (3) technological constraints of agency systems and processes. Further, poor planning by agencies and ineffective monitoring by OMB have limited efforts to reduce SSN use. Lacking direction from OMB, many agencies’ reduction plans did not include key elements, such as time frames and performance indicators, calling into question their utility. In addition, OMB has not required agencies to maintain up-to-date inventories of their SSN holdings or provided criteria for determining “unnecessary use and display,” limiting agencies’ ability to gauge progress. In addition, OMB has not ensured that agencies update their annual progress nor has it established performance metrics to monitor agency efforts to reduce SSN use. Until OMB adopts more effective practices for guiding agency SSN reduction efforts, overall governmentwide reduction will likely remain limited and difficult to measure, and the risk of SSNs being exposed and used to commit identity theft will remain greater than it need be.”

States With the Most (and Least) Identity Theft

“The risk of identity theft in the United States continues to rise. The incidence of such crimes rose consistently over the  last decade, from 246,214 in 2006 to 399,225 last year. The rate of identity theft varies considerably between states. Using the Federal Trade Commission’s 2017 Consumer Sentinel Network Data Book, 24/7 Wall St. reviewed the… Continue Reading

Paper – Cybersecurity, Identify Theft, and Standing Law

Chou, James C., Cybersecurity, Identify Theft, and Standing Law: A Framework for Data Breaches Using Substantial Risk in a Post-Clapper World (December 15, 2016). National Security Law Brief, Vol. 7, No. 1, 2016. Available at SSRN: https://ssrn.com/abstract=2938692 “Since Clapper v. Amnesty International USA, many courts have shut the door on victims alleging a heightened risk… Continue Reading

Javelin 2017 Identity Fraud Study

“The 2017 Identity Fraud Study released today by Javelin Strategy & Research (@JavelinStrategy), revealed that the number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, a record high since Javelin Strategy & Research began tracking identity fraud in 2003. The study found that despite the… Continue Reading

FTC Releases New Report on Cross-Device Tracking

“The Federal Trade Commission has released Cross-Device Tracking: An FTC Staff Report that describes the technology used to track consumers across multiple Internet-connected devices, the benefits and challenges associated with it, and industry efforts to address those challenges. The report concludes by making recommendations to industry about how to apply traditional principles like transparency, choice,… Continue Reading

Data Breaches Increase 40 Percent in 2016, Finds New Report from Identity Theft Resource Center and CyberScout

SCOTTSDALE, Ariz. and SAN DIEGO, Jan. 19, 2017 /PRNewswire/ — The number of U.S. data breaches tracked in 2016 hit an all-time record high of 1,093, according to a new report released today by the Identity Theft Resource Center (ITRC) and CyberScout (formerly IDT911). This represents a substantial hike of 40 percent over the near record high of… Continue Reading

FTC – New Identity Theft Report helps you spot ID theft

“Do you ever hear from customers or employees who want you to know that they’ve been affected by identity theft? If so, you’ll probably start seeing them use the new FTC Identity Theft Report. It tells you that someone important to your business is a crime victim, has alerted law enforcement, and is working to… Continue Reading

NIST study – Security Fatigue

Security Fatigue, Issue No. 05 – Sept.-Oct. (2016 vol. 18) ISSN: 1520-9202 pp: 26-32 DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MITP.2016.84 “Security fatigue has been used to describe experiences with online security. This study identifies the affective manifestations resulting from decision fatigue and the role it plays in users’ security decisions. A semistructured interview protocol was used to collect… Continue Reading

Online or on paper, get the latest FTC identity theft info

“Looking for information on dealing with identity theft? The FTC has new and revised identity theft publications that reflect features of IdentityTheft.gov that make it easier to report and recover from identity theft. Here’s what’s hot off the presses: Identity Theft – What to Know, What to Do gives an overview of identity theft and… Continue Reading

Five EFF Tools to Help You Protect Yourself Online

“… five of EFF’s many technology tools and projects. In different ways, they all function to increase your security on the Internet—with the implicit assertion that personal privacy is at the foundation of that security.” Continue Reading

Federal Information Security: Actions Needed to Address Challenges

Federal Information Security: Actions Needed to Address Challenges, GAO-16-885T: Published: Sep 19, 2016. Publicly Released: Sep 20, 2016. “Cyber incidents affecting federal agencies have continued to grow, increasing about 1,300 percent from fiscal year 2006 to fiscal year 2015. Several laws and policies establish a framework for the federal government’s information security and assign implementation… Continue Reading

Treasury IG – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft

Treasury Inspector General for Tax Administration – Processes Are Not Sufficient to Assist Victims of Employment-Related Identity Theft. August 10, 2016. Reference Number: 2016-40-065. “Taxpayers identified as victims of employment-related identity theft are not notified. During the period February 2011 to December 2015, the IRS identified almost 1.1 million taxpayers who were victims of employment-related… Continue Reading