I’m happy to see that we have a variety of opinions about how to approach this issue. So let me start by asking Jim Harper, who takes a dim view of regulation, arguing that “politicians, bureaucrats, and lobbyists don’t know how to do security any better than anyone else.” Maybe that’s true, maybe not. But seems to me that regulation has worked in other industries, such as food and transportation. Why make the historical exception here? Explain why consumers should trust the industry to police itself without being accountable to the public.

read roundtable discussion

More importantly, companies are legally liable if an employee can prove their employer negligently handled personal information that led to an identity theft. Many employees have won class action lawsuits. Law firms have posted special Web sites seeking clients to participate in negligence suits against employers.

read more..

State officials on Friday began notifying 465,000 Georgians that they might be at risk of identity theft because of a government security breach detected in April.

Joyce Goldberg, spokeswoman for the Georgia Technology Authority, emphasized that officials had no evidence that any personal data had been used for fraudulent purposes. But she said officials are alerting 244,000 motorists and 221,000 retired teachers, state employees, school employees and others who participated in the state Health Benefits Plan in 2002 that a former GTA employee downloaded their personal information to his home computers.

read more..

A television crew in Toronto making a movie about 9/11 Terrorist Attacks tried to replicate the event by spreading office paper throughout the streets of the city. It wasn’t until after it was scattered over several blocks that someone noticed it was confidential personal healthcare documents.

The sensational release not only made headlines, it got the attention of Ontario’s top information protection official Ann Cavoukian. Under the Personal Health Information Protection Act (PHIPA), the Canadian counterpart to HIPAA, the IPC’s have the authority to take extreme measures to secure patient information.

But Spam Email Campaigns Down For Second Month In A Row. Spam emails declined for the second consecutive month, 14,135 to 13,776, according to the Anti-Phishing Working Group. Efforts to combat phishing attacks have led cyber criminals to devote more resources to launch and sustain a campaign, according to the group.

Read more.

Biometric and other technology are finding niches in supermarkets, banks and retailers, prompting venture capitalists to back efforts intended to combat identity theft and fraud on the marketplace. During the first six months of this year, venture-capital firms shelled out $70 million into companies that make anti-ID theft software. In 2004, a total of about $101 million was devoted to these technologies, according to the MoneyTree Survey, which tracks venture funding.

Read more..

Websense’s semi-annual Security Trends Report found that phishers targeted smaller financial organizations, regional banks and credit unions during the first six months of 2005. Known as “puddle phishing,” phishers used the same techniques they relied on to hook victims in larger pools – spam and bogus Web sites. Worldwide, the attacks have used new “attack tools,” such as password-stealing Trojans, in recent months.

Read more…

Lucyna Turyk-Wawrynowicz of Queens, pleaded not guilty at her arraignment yesterday in Manhattan’s State Supreme Court on forgery and identity theft charges.

Read More…