Identity Theft Expert Rob Douglas of PrivacyToday.com is now active online at www.IdentityTheft.info

ID Theft & Information Security News at the Click of Your Mouse

 

 

Home    Contact Us    News    PT in the News    Services    Speeches    Identity Theft

ID Theft & Information Security News

Edited by Rob Douglas

For the latest identity theft news and commentary please visit www.IdentityTheft.info

Send comments or suggested articles to:

Rob@IdentityTheft.info

Friday, December 28, 2007

AT&T Is Far From Alone On Data Breaches - In less than a week's time, San Antonio-based phone giant AT&T Inc. has sued data brokers for fraudulently accessing customers' private phone records and announced that hackers broke into one of its e-commerce sites to steal customer credit card data. Between the brokers and the hacking incident, the company said outsiders have accessed the private data of as many as 21,500 customers. Computer-security experts said data breaches — whether by hackers, internal thieves or employee carelessness — are on the rise, and AT&T isn't alone in grappling with them…Even though AT&T isn't alone, at least one expert said the breaches should be a wake-up call to the company. "AT&T's security measures have been defeated in the two major ways that they can be defeated," said Rob Douglas, a Colorado-based information security consultant. "First, they've been hacked, meaning there's a technological way to defeat their security system. And with the data brokers, they've also been defeated by people just calling up and pretending to be a customer."

AT&T Sues, Alleging Fraudulent Access to Customer Accounts - AT&T, headquartered in San Antonio, where the suit was filed, hopes to learn the defendants' identities through their Internet protocol addresses. AT&T has "most if not all" of the defendants' IP addresses and will ask the court to subpoena the Internet providers to disclose the identities linked to those addresses, spokesman Walt Sharp said…Sharp said that of AT&T's total 48 million land lines, 2,500 defrauded accounts is a relatively small amount. "It's very, very, very tiny," he said. "But we consider any too many." Information security consultant Rob Douglas said 2,500 accounts is "the low end of what's stolen every day." Thieves are after more than phone records, he said. "They steal your cable TV records, your satellite TV records, your gas and electric records and all the rest," said Douglas, who edits Privacytoday.com, an information security Web site. "Every interaction we have is being recorded somewhere, and every minute thieves are working trying to figure out how to gain access to that information and use it for profit. That's what this demonstrates."

AT&T Takes Data Brokers To Court - In a lawsuit filed Wednesday in federal court in San Antonio, the company says the defendants used false identities to set up online billing accounts and illegally obtain up to 2,500 customers' calling records…Phone companies such as AT&T are taking legal action because the federal government hasn't acted decisively to stop the practice, said Robert Douglas, a Colorado-based information security consultant who has testified before Congress on the issue. Current federal laws don't specifically prohibit the sale of private phone records.

AT&T sues brokers over customer data - While there are thousands of places to buy records, most can be tracked back to a fairly small number of data brokers who actually extract customer information, said Rob Douglas, CEO of PrivacyToday.com and an information security consultant who has testified before Congress on the issue. “The people who are actually doing this is a relatively finite number ... at most a couple dozen across the country,” Douglas said from Steamboat Springs, Colo. Douglas said those seeking information like phone records could include soon-to-be ex-spouses in the midst of a divorce proceeding, competing businesses and corporations, stalkers and law enforcement. Douglas said “pretexting” — where a data broker poses as the customer to get information — is most commonly done by phone in calls to customer service centers or the victims themselves.

AT&T unleashes lawyers -- phone-record 'roaches' scurry - AT&T filed a lawsuit in San Antonio today designed to unmask the identities of 25 so-called data brokers who the carrier says have ripped off phone-calling records from 2,500 of its customers -- a legal countermeasure one expert says may already be paying small dividends…Security expert Rob Douglas, who has testified before Congress about phone-records theft, says legal volleys such as the one launched by AT&T today -- as well as those of other carriers -- hold significant promise for driving data brokers out of business, perhaps more so than the spate of state and federal legislation filed in recent months…"The civil remedies that the carriers can avail themselves of can bring a pain that many of the brokers will find intolerable.  Ideally what I'd like to see are the carriers banding together in a concerted effort to go after the brokers." However, any such benefit will require persistent pressure, adds Douglas. "That is why this needs to be an ongoing effort because if this is a one-shot deal on the part of the carriers that have brought suit to date, the roaches will scurry back in when they think the lights have dimmed."

Rob Douglas of PrivacyToday.com Talks About Privacy Issues With Ron Reagan on KIRO Radio – Rob & Ron Reagan discussed NSA phone surveillance; monitoring of international banking transaction; the theft and sale of Americans’ phone and banking records by private investigators and illicit information brokers; and, how to protect yourself from identity theft.

Rob Douglas of PrivacyToday.com Delivers Keynote Address at AAFCS 97th Annual Conference & Expo - Identity Theft: It Can Cost You Your Life!
Ten million Americans will fall prey this year to identity thieves. Social security numbers, bank transactions, phone call records, and yes—even your medical history—are for sale on the Internet. This multi-media presentation will demonstrate why identity theft is not just a severe threat to your financial security, but can be a threat to your life. With vivid and sometimes frightening examples, you'll learn why identity theft is the nation's fastest growing crime and what steps educators, corporate executives, and consumers can take to combat this growing epidemic. Most importantly, through real life examples combined with insights from Robert Douglas, a leading authority on identity crimes, you'll learn what skills you and your family need to protect yourselves.

Information Brokers Grilled At Congressional Hearing - State Rep. Jim Welker invoked his Fifth Amendment right against self-incrimination at a congressional hearing today probing the use of deception to obtain and sell phone records and other private information. Another Colorado information broker, John Strange of Frederick, also invoked the Fifth, while James Rapp of Parker and David Gandal of Loveland described the ease at getting private information by impersonating customers and others. Rapp says he’s now out of the business…Welker, a Loveland Republican who owns Universal Communications Co., has been under investigation by the House committee for selling private information including phone records. In a previous interview, he acknowledged his firm sold cell-phone records but denied the company did anything illegal and maintained the records weren’t sold to the general public…Colorado security consultant Rob Douglas said he was "amazed that Representative Welker — after all his comments from the capitol of his home state about how he’d done nothing wrong — went to the nation’s capitol and meekly took the Fifth Amendment." Douglas also said he felt the committee overall did a "poor job" in demonstrating the harm that can be done to Americans when private information is sold — "from identity theft to stalking to murder. Overall, they barely scratched the surface of the underground market for stolen records of Americans’ most personal information."

First Data Tied To Post-9/11 Terror Sweep - In the days after the Sept. 11 terrorist attacks, First Data Corp. and its Western Union unit volunteered itself for the U.S. government's war on terror. FBI agents happily turned the Greenwood Village-based company into a "deadly weapon" to fight terrorism, according to a new book by Pulitzer Prize winner Ron Suskind. At the same time, however, the Bush administration used First Data to create a "vast search-and-seizure machine" that sifted through millions of Americans' credit-card purchases and wire transfers, unbeknownst to congressional overseers or the secret court designed to rule on matters of domestic surveillance, Suskind reported…On the two-year anniversary of the creation of the Treasury Department's Office of Terrorism and Financial Intelligence in April, then-Treasury Secretary John Snow said his department had "been at the forefront of a concerted effort with our allies around the world - public and private sector alike - to collect, share and analyze all available information to track and disrupt the activities of terrorists…Financial intelligence is among our most valuable sources of data for waging this fight."… Rob Douglas, a Steamboat Springs-based privacy consultant, was working with the American Bankers' Association in 2001. "It was common knowledge in those circles that in the aftermath of Sept. 11, and for a substantial period of time after, that many institutions were giving carte blanche access to federal investigators," he said. "A lot of people were willing to look the other way and allow those domestic activities to take place."

Welker Called To Testify On Phone Files - State Rep. Jim Welker has been subpoenaed to testify at a congressional hearing today about the sale of private phone records but is expected to invoke his Fifth Amendment right against self-incrimination. At least three other current and former Colorado information data brokers - James Rapp, David Gandal and John Strange - are expected to testify at the two-day House Energy and Commerce subcommittee hearing…Colorado security consultant Rob Douglas said the hearing also is a "welcome development" to explore more deeply the relationship between data brokers and law enforcement agencies. Douglas was working as a consultant to the congressional committee but quit after evidence surfaced that federal law enforcement agencies also were buying the phone records - instead of getting proper court orders. "It should be an eye opener for the American public," Douglas said of the hearing. "I'll be quite curious to see how these federal agencies justify this."

Is the NSA spying on U.S. Internet traffic? - In a pivotal network operations center in metropolitan St. Louis, AT&T has maintained a secret, highly secured room since 2002 where government work is being conducted, according to two former AT&T workers once employed at the center. In interviews with Salon, the former AT&T workers said that only government officials or AT&T employees with top-secret security clearance are admitted to the room, located inside AT&T's facility in Bridgeton. The room's tight security includes a biometric "mantrap" or highly sophisticated double door, secured with retinal and fingerprint scanners. The former workers say company supervisors told them that employees working inside the room were "monitoring network traffic" and that the room was being used by "a government agency." The details provided by the two former workers about the Bridgeton room bear the distinctive earmarks of an operation run by the National Security Agency, according to two intelligence experts with extensive knowledge of the NSA and its operations. In addition to the room's high-tech security, those intelligence experts told Salon, the exhaustive vetting process AT&T workers were put through before being granted top-secret security clearance points to the NSA, an agency known as much for its intense secrecy as its technological sophistication.

AP Exclusive: Data Brokers Get by Subpoenas - Federal and local police across the country - as well as some of the nation's best-known companies - have been gathering Americans' phone records from private data brokers without subpoenas or warrants. These brokers, many of whom market aggressively on the Internet, have broken into customer accounts online, tricked phone companies into revealing information and sometimes acknowledged that their practices violate laws, according to documents obtained by The Associated Press…Those using data brokers include agencies of the Homeland Security and Justice departments - including the FBI and U.S. Marshals Service - and municipal police departments in California, Florida, Georgia and Utah. Experts believe hundreds of other departments frequently use such services.

'I Just Bought Your Hard Drive' – Bob Sullivan’s Red Tape Chronicle.

VA official steps down after theft - A Veteran Affairs deputy assistant secretary who didn't immediately notify top officials about a theft of 26.5 million veterans' personal information is stepping down, citing missteps that led to the security breach.

College Door Ajar for Online Criminals - Computer systems at universities across the nation are becoming favorite targets of hackers, and rising numbers of security breaches have exposed the personal information of thousands of students, alumni, employees and even college applicants. Since January, at least 845,000 people have had sensitive information jeopardized in 29 security failures at colleges nationwide. In these incidents, compiled by identity theft experts who monitor media reports, hackers have gained access to Social Security numbers and, in some cases, medical records.

Senate Panel Split Over Questioning Phone Company Executives - Members of a Senate committee are divided over proposals to question executives of four telephone companies about whether they gave the government records of millions of calls in the United States to aid anti-terrorist surveillance. After objections from both Republicans and Democrats, Judiciary Committee Chairman Arlen Specter (R-Pa.) yesterday postponed a vote on issuing subpoenas for the chief executives of Verizon Communications Inc., AT&T Inc., BellSouth Corp. and Qwest Communications International Inc. He scheduled more debate for June 6 after Congress returns from a one-week recess…Joseph Nacchio, former chief executive of Qwest, has said through his attorney that he refused the government's request for such records after concluding it would violate federal privacy law. AT&T spokesman Walt Sharp said today in an e-mail that the company "is happy to appear before the committee as the members desire." Verizon spokesman Bob Varettoni declined to comment. F. Duane Ackerman, BellSouth's chairman and chief executive, "has nothing to hide" and is willing to say under oath that the company has "never provided any information at all to the NSA," said spokesman Jeff Battcher. "We can't find anybody in this company who has ever been approached by the NSA," Battcher said.

Eavesdropping to Go On, Cheney Tells Midshipmen - Vice President Cheney highlighted America's intelligence efforts yesterday as critical tools in the fight against terrorists at home and abroad and vowed the administration would continue a controversial eavesdropping program that he said has been wrongly dubbed "domestic surveillance."… Cheney said Bush authorized the National Security Agency after the Sept. 11, 2001, attacks to intercept a certain category of terrorist-linked international communications. "If people in the United States are communicating with al-Qaeda, they are talking to the enemy -- and we need to know about it," he said. The administration has been under fire since the New York Times revealed in December the existence of warrantless NSA wiretaps of Americans' international calls. USA Today recently reported that the NSA also collected millions of phone records from U.S. businesses and homes. The highly classified program was "improperly revealed to the news media, some of which now describe it as domestic surveillance," Cheney said. "That is not the case. We are talking about international communications, one end of which we have reason to believe is related to al-Qaeda or to terrorist networks. It's hard to think of any category of information that could be more important to the safety of the United States."

VA Knew Early About Data Theft - Senior officials at the Department of Veterans Affairs knew that sensitive personal information about veterans had been stolen from a VA employee's home within hours of the crime but did not tell Secretary Jim Nicholson until 13 days later, according to a VA briefing document…Among items stolen from the Aspen Hill home was an external computer hard drive that VA officials say contained the unencrypted names, birthdates and Social Security numbers of 19.6 million to 26.5 million veterans. The 12-page timeline provides the first detailed accounting of how VA officials reacted to one of the nation's largest information security breaches, an institutional failure that ignited anxiety and anger among millions of veterans concerned about identity theft. It also reveals new details about the 60-year-old man at the heart of the scandal. He is a senior-level career employee working as an information technology specialist in the Office of Policy. As a GS-14 level employee, he earns between $91,407 and $118,828 a year.

Hayden Confirmed as CIA Chief - Air Force Gen. Michael V. Hayden, a career intelligence officer who has overseen some of the government's most secret and controversial surveillance programs, was confirmed by the Senate yesterday to head the CIA as it tries to regain some of its lost luster…Hayden's nomination drew fire from some Democrats and civil liberties groups because he headed the National Security Agency when it began conducting warrantless wiretaps of Americans' international phone calls in a bid to find possible terrorists. Hayden and Bush, who acknowledged the program only after press reports outlined it, have said the effort is narrowly targeted at terrorism suspects. But thousands of phone calls reportedly have been monitored without producing promising leads, and many lawmakers say Hayden and other officials have yet to explain adequately why they should not have to obtain court warrants for the wiretaps.

Time Ordered to Give Internal Documents to Libby - Time magazine must turn over some internal documents to former vice presidential aide I. Lewis "Scooter" Libby's attorneys because the evidence could help his defense against perjury and obstruction-of-justice charges in the CIA leak case, a federal judge ruled yesterday. U.S. District Judge Reggie B. Walton said Libby is entitled to drafts of an article by Time reporter Matthew Cooper and accompanying intraoffice correspondence because they may help Libby challenge Cooper's testimony when he is called as a witness by Special Counsel Patrick J. Fitzgerald. In granting Libby's request for the Time documents, Walton delivered the latest in a string of court defeats for media efforts to shield news-gathering activities from the legal process. Just as previous courts had ruled that reporters must testify to a grand jury about their confidential sources, Walton rejected claims by Time and other news organizations that the First Amendment or other federal law protects their internal documents from a defendant's pretrial subpoenas. Walton's 40-page opinion noted that, in the CIA leak case, reporters "were not simply reporting on criminal activity; rather their conversations with the defendant form the predicate for several charges in the indictment."

Are the Police Digging into Your Phone Records? - The National Security Agency may not be the only one looking at your phone records. As the agency’s controversial program of collecting Americans’ calling data continues to draw heat, new questions have emerged about whether federal and local law enforcement officials are possibly skirting privacy laws by obtaining phone records from companies that get the information in a questionable manner and then hawk it over the Internet. Since February, Congress has been investigating such so-called data brokers for the ways in which they gather their information. Some of them use people inside the phone company who are willing to divulge the data. But more commonly, these businesses obtain phone records through an illegal practice known as "pretexting," in which someone calls up the phone company and impersonates a subscriber to con the service representative into releasing copies of the records. The possible connection with law enforcement came to light when the data brokers were asked as part of the Congressional inquiry to submit letters revealing their client lists. One data broker listed as clients the FBI and unspecified "foreign governments," while another claimed to have done work for the Department of Homeland Security…In its letter to the House committee, made public earlier this month, Advanced Research, Inc. (ARI), the operator of ADVSearch.com, said the company has "done work for municipalities, banks, mortgage and insurance companies, private companies, foreign governments, law enforcement, even the FBI."… Patrick Baird, vice president of PDJ investigations, says that in its six years the company has supplied information for between 200 and 300 law enforcement cases. He said the FBI and the Department of Homeland Security were among the company's past clients.

Data theft not reported for two weeks - Under intense bipartisan fire from Capitol Hill, Veterans Affairs Secretary Jim Nicholson said Wednesday he was outraged by his agency’s decision to keep the theft of veterans’ personal data quiet for two weeks…Nicholson’s remarks came amid growing outrage from lawmakers over the May 3 theft, which involved the birthdates and Social Security numbers of 26.5 million veterans. The VA employee had taken the information home without authorization…The Senate Homeland Security Committee and the Committee on Veterans Affairs said they would hold a joint emergency hearing Thursday and call Nicholson to testify. “Twenty-six million people deserve answers,” said Sen. Larry Craig, R-Idaho, chair of the VA panel.

Veterans Angered by File Scandal - Veterans brimmed with shock and anger yesterday at the loss of their personal data by the Department of Veterans Affairs, but in many ways the information security breach should not have come as a surprise. The department has consistently ranked near the bottom among federal agencies in an annual congressional scorecard of computer security. For five years, the VA inspector general has identified information security as a material weakness and faulted officials for slow progress in tackling the problem.

Gonzales Defends Phone-Data Collection - Attorney General Alberto R. Gonzales said yesterday that the government can obtain domestic telephone records without court approval under a 1979 Supreme Court ruling that authorized the collection of business records…Gonzales has previously defended the government acquisition of phone company records on the grounds that privacy protections do not apply to them. But his reference to the 1979 Supreme Court case may hint that a technologically updated version of the pen register has been used on a much wider scale in the NSA operation.

FCC won't investigate NSA call program - The U.S. Federal Communications Commission will not pursue complaints about a spy agency's access to millions of telephone records because it cannot obtain classified material, the FCC's chairman said in a letter released on Tuesday…”We can't have a situation where the FCC, charged with enforcing the law, won't even begin an investigation of apparent violations of the law because it predicts the administration will roadblock any investigations citing national security," Markey said in response to Martin.

FCC Refuses to Investigate NSA Program, Predicting Likely Administration Road Blocks – [Press release from Congressman Ed Markey] Last week Representative Edward J. Markey (D-MA), Ranking Democrat on the House Subcommittee on Telecommunications and the Internet, sent a letter to the Chairman of the Federal Communications Committee (FCC) regarding reports of the disclosure by the nation’s largest telecommunications carriers, AT&T, Verizon, and BellSouth, of private consumer information from millions of Americans to the National Security Agency (NSA).  Specifically, Rep. Markey requested that the FCC investigate these apparent violations of the Communications Act or explain why the agency thought the NSA program did not violate the law.  Today the FCC refused to commence an investigation or respond to Rep. Markey’s questions, citing the Bush Administration’s likely claim of “states secrets privilege.”… “Today the watchdog agency that oversees the country’s telecommunications industry refused to investigate the nation’s largest phone companies’ reported disclosure of phone records to the NSA.  The FCC, which oversees the protection of consumer privacy under the Communications Act of 1934, has taken a pass at investigating what is estimated to be the nation’s largest violation of consumer privacy ever to occur.  If the oversight body that monitors our nation’s communications is stepping aside then Congress must step in.” …On May 11, 2006, Representative Edward J. Markey, the ranking Democrat on the House Telecommunications and Internet Subcommittee along with all other Democrats serving on the House Energy and Commerce Committee sent a letter to Energy and Commerce Chairman Joe Barton (R-TX) requesting committee hearings on the subject.  To date there has been no response from the Committee Chairman.

Schakowsky demands answers from AT&T - Rep. Jan Schakowsky asked AT&T Tuesday to disclose whether it shared consumers' phone records and Internet messages with the National Security Agency…Schakowsky, who represents Chicago's North Side and north suburbs, also wanted to know if AT&T had played a role in sidetracking legislation she sponsored to ban the sale of consumers' phone records.

Vets deserve better treatment after data theft - On Monday, the Veterans Administration announced that an employee had taken home data on 26.5 million veterans, and that data was stolen. It's a staggering amount, dwarfing other recent high-profile incidents at major U.S. firms like Citibank, ChoicePoint, and Bank of America. And yet, the support offered to victims by the VA is dwarfed by the support corporate America has offered in similar situations. It's become standard practice for data leakers to offer free credit monitoring to victims, so they are able to watch their credit reports daily for signs of misuse. The services are available from the credit bureaus, and cost about $10 a month. Corporations that leak data and foot the bill usually get big discounts. So far, the vets haven't been offered credit monitoring. Instead, the VA is reminding victims that they are entitled to a free copy of their credit report every year, and then basically wishing them good luck.

Data about millions of veterans stolen - A computer disk with the personal information of about 26.5 million U.S. veterans was stolen from the home of a senior Veterans Affairs official, the federal department said Monday. Veterans Affairs Secretary James Nicholson said the stolen data included names, Social Security numbers, dates of birth and numerical disability ratings. However, he said that no medical records or financial information had been compromised.

Whistle-Blower's Evidence, Uncut - Former AT&T technician Mark Klein is the key witness in the Electronic Frontier Foundation's class-action lawsuit against the telecommunications company, which alleges that AT&T cooperated in an illegal National Security Agency domestic surveillance program.

Protection from prying NSA eyes - From the U.S. Fourth Amendment, the Stored Communications Act and U.S. wiretap laws to the Pen-register statute, Mark Rasch looks at legal protections available to the telecommunication companies and individual Americans in the wake of the NSA's massive spying program.

The Eternal Value of Privacy - The most common retort against privacy advocates -- by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures -- is this line: "If you aren't doing anything wrong, what do you have to hide?" Some clever answers: "If I'm not doing anything wrong, then you have no cause to watch me." "Because the government gets to define what's wrong, and they keep changing the definition." "Because you might do something wrong with my information." My problem with quips like these -- as right as they are -- is that they accept the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

Supreme Court Backs Police in Emergencies - The Supreme Court reaffirmed Monday that police can enter homes in emergencies without knocking or announcing their presence. Justices said four Brigham City, Utah, police officers were justified in going inside a home in 2000 after peering through a window and seeing a fight between a teenager and adults.

Prosecution of Journalists Is Possible in NSA Leaks - Attorney General Alberto R. Gonzales raised the possibility yesterday that New York Times journalists could be prosecuted for publishing classified information based on the outcome of the criminal investigation underway into leaks to the Times of data about the National Security Agency's surveillance of terrorist-related calls between the United States and abroad.

The Wiretapping Tango - By the mid-1970s illegal phone company cooperation with surveillance had become a scandal nationwide. Though no city's taps topped New Haven's, in cities like New York and Chicago, local police red squads routinely relied on friendly telecommunications executives for access to records. Under J. Edgar Hoover, the FBI did the same. In 1975 the Senate committee investigating government surveillance activities, headed by Frank Church, revealed that phone companies had for years allowed warrantless surveillance by the National Security Agency under the code name Operation Shamrock: computerized monitoring of all telegraphic data into and out of the United States. As Jason Vest of the Project on Government Oversight notes on POGO's blog, in 1976 Representative Bella Abzug did exactly what Senator Arlen Specter is threatening to do today--she subpoenaed top officials of Western Union, ITT and RCA Global. Indeed, today's NSA scandal and the Administration's response to the revelations track directly back to that era. When Abzug issued her subpoenas, Dick Cheney and Donald Rumsfeld--President Ford's Chief of Staff and Defense Secretary, respectively--persuaded the Justice Department to assert unprecedented claims of executive privilege not only over FBI and NSA testimony but also over that of Western Union and RCA. The companies, perhaps fearful of contempt citations from a Democratic Congress, refused to comply and provided Abzug with her documents…With the NSA scandal, the Administration smells opportunity. If Specter subpoenas telecom CEOs, look for this White House to reassert the executive privilege claims that failed in 1975--and this time, without fear of an opposition Congress, those CEOs may feel inclined to cooperate, establishing a new and dangerous zone of presidential power…The question is not data-mining but whether the Senate Judiciary Committee--and perhaps the court system--will have the political will and legal fortitude to stand up for the rule of law, or whether the clock will be turned back and it will be as if the reforms of the 1970s had never happened.

Legal loophole emerges in NSA spy program - An AT&T attorney indicated in federal court on Wednesday that the Bush administration may have provided legal authorization for the telecommunications company to open its network to the National Security Agency…AT&T may be referring to an obscure section of federal law, 18 U.S.C. 2511, which permits a telecommunications company to provide "information" and "facilities" to the federal government as long as the attorney general authorizes it. The authorization must come in the form of "certification in writing by...the Attorney General of the United States that no warrant or court order is required by law”… "If the certification exists, AT&T is in pretty good shape," said Marc Rotenberg, executive director of the Electronic Privacy Information Center and co-author of a book on information privacy law.

Privacy Case May Rest on Alito Vote - The Supreme Court heard a rare mid-May oral argument yesterday, on the authority of police to search private homes without knocking first -- in a major privacy-rights case likely to be decided by the vote of the court's newest member, Justice Samuel A. Alito Jr. At issue in Hudson v. Michigan , No. 04-1360, is the "knock and announce" rule rooted both in the Fourth Amendment to the Constitution and Anglo-American common law. The rule says that, in normal cases, police with a search warrant must knock and state their purpose, then wait a reasonable period for an answer, before forcing their way in.

ISP snooping plans take backseat - A prominent Republican in the U.S. Congress has backed away from plans to rewrite Internet privacy rules by requiring that logs of Americans' online activities be stored.

Online gamblers targeted by scams - Gamblers playing in online casinos are being warned that they may increasingly be targeted by hackers looking to steal.

Punting the Interesting Answers to the Secret Session - The dictionary tells us that "oversight" can mean either watchful supervision or an omission caused by inattention. As it held a confirmation hearing for CIA nominee Michael Hayden yesterday, the Senate intelligence committee seemed to be operating under the latter definition.

Hayden: Spying program is legal - President Bush's nominee to head the CIA defended the administration's warrantless surveillance program Thursday and said media reports about it have had a "corrosive effect" on the nation's intelligence gatherers.

BellSouth Wants Story Retractions - BellSouth Corp., the nation's third-largest telephone company, yesterday took a further step to distance itself from reports that it gave domestic calling records to the National Security Agency, demanding that USA Today retract parts of a story that disclosed the program.

Oversight? What oversight? Congress briefed, then gagged - When anti-terror programs of questionable legality are revealed — such as the National Security Agency's snooping on phone calls and records — President Bush hastens to point out that members of Congress from both parties have been "briefed." That's as it should be. Congress is supposed to oversee the executive branch's intelligence operations. From all indications, however, that oversight is badly broken.

Judge Rejects Call to Release AT&T Papers - The documents at issue in the case came from Mark Klein, a retired AT&T technician, who said in April that cables and equipment installed at an AT&T office in San Francisco in 2003 for the NSA "were tapping into" circuits carrying customers' dial-in services. He supplied documents to EFF to support his assertions, which were filed under seal…EFF legal director Cindy Cohn said in an interview that the case concerns customers' Internet and phone records, and, according to the information provided by Klein, AT&T's "real-time diversion of customer Internet data." The Justice Department has asked Walker to dismiss the case because it could compromise national security. Such requests are rarely rejected, said William Weaver, a law professor at the University of Texas at El Paso, and author of a book about law and presidential secrecy. "The case is going away. Courts almost never challenge the government on this," Weaver said. "It is the most deferred-to principle in law and a judge will not touch it."

Judge denies AT&T request for closed hearing - A federal judge rejected a request from AT&T on Wednesday to kick the public out of a hearing in a lawsuit alleging the telecommunications company illegally cooperated with the National Security Agency…Both sides have been quarreling over what to do with the documents provided by former AT&T technician Mark Klein and filed under seal with the court, with EFF saying they should be made entirely public and AT&T arguing they should be returned because they contain confidential information. Walker on Wednesday effectively split the difference, saying that he would maintain the current state of affairs for now. He also ordered EFF's attorneys not to "disclose these documents to any party," and rejected AT&T's request that Klein be muzzled, saying the company could sue him directly if it chose. Based on the information that's been made public so far, the 100 pages or so of information in Klein's documents appear to describe a secret room established in AT&T's main switching centers through which a tremendous amount of Internet and voice traffic flows. Those secret rooms, according to Klein's attorney, give the NSA full access to the company's networks and can be found in switching centers in San Francisco, Los Angeles, Seattle and San Jose, Calif.

Down to the Fourth Estate - This month, Congress is faced with a most inconvenient crime. With the recent disclosure of a massive secret database program run by the National Security Agency involving tens of millions of innocent Americans, members are confronted with a second intelligence operation that not only lacks congressional authorization but also appears patently unlawful. In December, the public learned that the NSA was engaging in warrantless domestic surveillance of overseas communications — an operation many experts believe is a clear federal crime ordered by the president more than 30 times. What is most striking about these programs is that they were revealed not by members of Congress but by members of the Fourth Estate: Journalists who confronted Congress with evidence of potentially illegal conduct by this president that was known to various congressional leaders…The plain fact is that neither party wants to acknowledge that the president might have ordered the commission of federal crimes in the name of national security. Thus, while there have been calls for another feeble hearing (possibly with telecom executives), Congress would prefer to investigate steroids in baseball and the selling of horses to France for gourmet dinners.

The NSA is on the line -- all of them - When intelligence historian Matthew Aid read the USA Today story last Thursday about how the National Security Agency was collecting millions of phone call records from AT&T, Bell South and Verizon for a widespread domestic surveillance program designed to root out possible terrorist activity in the United States, he had to wonder whether the date on the newspaper wasn't 1976 instead of 2006. Aid, a visiting fellow at George Washington University's National Security Archive, who has just completed the first book of a three-volume history of the NSA, knew the nation's bicentennial marked the year when secrets surrounding another NSA domestic surveillance program, code-named Project Shamrock, were exposed. As fireworks showered New York Harbor that year, the country was debating a three-decades-long agreement between Western Union and other telecommunications companies to surreptitiously supply the NSA, on a daily basis, with all telegrams sent to and from the United States. The similarity between that earlier program and the most recent one is remarkable, with one exception -- the NSA now owns vastly improved technology to sift through and mine massive amounts of data it has collected in what is being described as the world's single largest database of personal information. And, according to Aid, the mining goes far beyond our phone lines.

NSA report renews data mining concerns - The NSA declined to comment. But several experts said it seemed likely the agency would want to assemble a picture from more than just landline phone records. Other forms of communication, including cell phone calls, e-mails and instant messages, likely are trackable targets as well, at least on international networks if not inside the U.S.

GOP skepticism over NSA program widens - Speaking at a privacy seminar here at the Woodrow Wilson International Center for Scholars, Sen. John Sununu of New Hampshire said the latest revelations that the nation's three biggest phone companies have delivered call records on potentially millions of Americans to the NSA raise concerns about the government's encroachment into private citizens' lives, even if the actions were legal.

FCC Chief Calls for Probe of Phone Cos. - The Federal Communications Commission, which regulates the telephone industry, should open an investigation into whether the nation's phone companies broke the law by turning over millions of calling records to the government, an FCC commissioner says…"There is no doubt that protecting the security of the American people is our government's No. 1 responsibility," Commissioner Michael J. Copps, a Democrat, said in a statement Monday. "But in a digital age where collecting, distributing and manipulating consumers' personal information is as easy as a click of a button, the privacy of our citizens must still matter."… An FCC investigation, if undertaken, would be the second attempt this year by the government to explore an aspect of an NSA program. The Justice Department sought to investigate the role of its lawyers in the warrantless eavesdropping program, but it ended the inquiry last week because its lawyers were denied security clearances.

BellSouth Says It Gave NSA No Call Records - BellSouth said Monday its "thorough review" found no indication it gave telephone records to the National Security Agency as part of a federal anti-terrorism surveillance program.

From the Land of the Free to a Nation of Suspects - The Bush administration has managed to cross George Orwell with Sting. Every step you take, every move you make, Big Brother will be watching you…President Bush insisted, "We're not mining or trolling through the personal lives of millions of innocent Americans." In fact, that's exactly what his administration is doing -- 24 hours a day, 365 days a year…It's not just the NSA that will know whom you call. According to USA Today, the NSA told Qwest that "other government agencies, including the FBI, CIA and DEA, also might have access to the database." What's next? The IRS? The Office of Child Support Enforcement? Your local police? But privacy is valuable even if you have nothing to hide. Each of us benefits from having a zone in which we can do as we please without fear of exposure. Thanks to this program, there is no longer an impermeable barrier around your personal zone. It's more like a screen door on a submarine…Even if you don't care about the privacy of your phone records, you might care that we have a president who feels no obligation to obey the law. You might care that if the government was secretly doing this, it may be doing other things that are even more worrisome. And you might care that one day, we may find that the free society we claim to cherish has become a police state.

A Pattern of Excess – The routine has become distressingly familiar: A news organization reveals a secret operation by the Bush administration that employs new means to fight the war on terrorism but also raises serious issues of civil liberties or human rights. The president responds with a curt assertion that the actions are legal, even as his administration moves to head off any intervention by Congress. Resisting further requests for information, the White House countenances a public debate only to the extent it can be put to partisan use, as a means of casting Democratic critics as weak on national security…almost all of the exceptional steps President Bush approved have been compromised and discredited by the administration's behavior: its insistence on secrecy and imperious readings of the law; its contempt for meaningful congressional oversight and disregard of international opinion and U.S. alliances; its stubborn resistance to good-faith efforts by Congress to bring the operations under statute. The consequence is that much of the administration's counterterrorism strategy lacks the democratic legitimacy that would be conferred by open debate and congressional votes.

Cheney Pushed U.S. to Widen Eavesdropping - For the first time since 1978, when the Foreign Intelligence Surveillance Act was passed and began requiring court approval for all eavesdropping on United States soil, the N.S.A. is intentionally listening in on Americans' calls without warrants.

Phone Calls Are Just the Start - Telephone records are just a sliver of the data on individuals that the government could assemble. Through our movements, transactions and activities, residents of industrialized societies throw off megabytes of data each day. Gathering this data is technically straightforward, and the potential for authorities to build much larger databases -- relying on sources we may not have contemplated before -- is quite real. Such databases would require extensive protections to prevent abuse from low-level insiders and senior government officials.

U.S. Asks for Suit Against AT& T to Be Dismissed - The government filed a motion yesterday to intervene and seek dismissal of a lawsuit by a civil liberties group against AT&T Inc. over a federal program to monitor U.S. communications. The suit filed in the U.S. District Court for the Northern District of California accuses AT&T of unlawful collaboration with the National Security Agency in its surveillance program to intercept telephone and e-mail communications between people in the United States and people linked to al-Qaeda and affiliated organizations…In its motion seeking intervention, posted on the court's Web site, the government said the interests of the parties in the lawsuit "may well be in the disclosure of state secrets" in their effort to present their claims or defenses. "Only the United States is in a position to protect against the disclosure of information over which it has asserted the state secrets privilege, and the United States is the only entity properly positioned to explain why continued litigation of the matter threatens the national security," said the motion, dated May 12.

Qwest Defies NSA - Rob Douglas, a security consultant in Colorado who has testified before Congress numerous times about privacy issues, said it was the possible record-sharing among agencies that struck him the most. "It demonstrates the slippery slope," Douglas said. "What relevance would a DEA operation be to thwarting a catastrophic terrorist event? I don't see the connect. This is always the concern with data mining, that the government will broaden its authority . . . the Big Brother argument." Douglas said the NSA program might represent the largest database ever collected about Americans and poses "huge constitutional issues."

NSA has massive database of Americans' phone calls - The National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth, people with direct knowledge of the arrangement told USA TODAY. The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans — most of whom aren't suspected of any crime. This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews.

Senate to investigate NSA database report - The Republican chair of a key Senate committee said Thursday he would require phone company officials to testify after a newspaper reported that the U.S. agency in charge of a domestic spying program is building a database of every call made within the country.

Feds sue firms selling phone records - The Federal Trade Commission on Wednesday announced a crackdown on five companies accused of illegally selling telephone calling records -- five months after the Sun-Times sparked national interest in the issue by highlighting Chicago Police and FBI fears about the security of their phone records…FTC officials surfed the Internet to find companies that offered to sell phone records. Twenty-nine firms were slapped with warning letters telling them to stop the practice. Five, including Baltimore-based Information Search Inc., were then sued by the FTC on Monday in federal courts across the country. Information Search has tangled with the FTC before. An FTC investigator had posed as a woman seeking details about her fiance's bank account. In 2002, the FTC sued Information Search and two other companies for selling private financial information to the FTC investigator…But David Kacala, owner of Information Search, said his company has not sold phone records for years and when it did, it bought them from a "middleman." He acknowledged his company's Web site continued to advertise the sale of phone records, but he said he refers customers to another company that actually sells them. "Where is the evidence that I did anything other than advertise?" he said. Betsy Broder, an FTC lawyer, responded, "If we did not have proof he was engaging in this conduct, we would not have brought the case."… Robert Douglas, an information security consultant in Colorado, called the FTC action a "good, but very small, step." "There are hundreds of companies selling phone records and thousands of buyers," Douglas said. "Until the FTC goes after those buyers, the black market for Americans' private information will thrive. Further, the defendants named today are mostly middlemen resellers. They are not the inner core of those who actually steal the phone records. Hopefully the FTC will deepen the investigation." Some companies that sell cell phone records have told Congress they have provided the FBI and other law enforcement agencies with such information. The FBI says the U.S. attorney general has permitted the bureau to obtain personal information from data "resellers."

FTC Says 5 Firms Sold Cellphone Records - The Federal Trade Commission said yesterday that it sued five Internet companies, alleging that they broke a federal law by selling cellphone records, an issue that has touched off privacy concerns on Capitol Hill and among privacy-protection groups…In its complaints, the FTC said cellphone customers did not authorize the companies being sued to obtain access to or sell their records. It alleges that the defendants used stolen documents, committed fraud or posed as consumers to get the wireless carriers to release confidential phone records…Cellphone records are protected by the Telecommunications Act of 1996, which says phone records are private property. "Trafficking in consumers' confidential telephone records is outrageous," Lydia B. Parnes, director of the FTC's bureau of consumer protection, said in a written statement. Members of Congress have held several hearings on the issue. One of the people sued yesterday, David Kacala, owner of Baltimore-based Information Search Inc., denied any involvement in cellphone record sales. I didn't collect cellphone records," Kacala said. His business assists lawyers with legal documents, he said.

FTC sues online firms selling cell records - U.S. authorities said Wednesday they had filed suit against five online companies, charging they had illegally sold confidential phone records. The Federal Trade Commission said it is asking a court to bar the sale of the phone records and force the companies to give up the money they made with their operations. "Trafficking in consumers' confidential telephone records is outrageous," FTC consumer protection chief Lydia Parnes said in a statement. "It robs consumers of their privacy and exposes them to everything from snoops to stalkers."… In the lawsuits announced Wednesday, the FTC charged the companies used "false pretenses, fraudulent statements, fraudulent or stolen documents or other misrepresentations, including posing as a customer of a telecommunications carrier" to get the phone records…CEO Group President Scott Joseph told Reuters he had not yet had time to review the suit and could not comment. Information Search's David Kacala disputed that he had illegally sold such records, saying the dispute was over information on his company's Web site. "Basically it's charging me with advertising," he told Reuters.

FTC Seeks Halt to Sale of Consumers’ Confidential Telephone Records - The Federal Trade Commission has filed federal court complaints charging five Web-based operations that have obtained and sold consumers’ confidential telephone records to third parties with violating federal law. The agency is seeking a permanent halt to the sale of the phone records, and has asked the courts to order the operators to give up the money they made with their illegal operations…The defendants in these cases are: 77 Investigations, Inc., and Reginald Kimbro, based in Upland, California, and using mailing addresses in Jacksonville, Florida, Broomfield, Colorado, and Nashville, Tennessee; AccuSearch, Inc., doing business as Abika.com, and Jay Patel, based in Cheyenne, Wyoming; CEO Group, Inc., doing business as Check Em Out, and Scott Joseph, based in Fort Lauderdale, Florida; Information Search, Inc., and David Kacala, based in Baltimore, Maryland; and Integrity Security & Investigation Services, Inc., Edmund L. Edmister, Tracey Edmister, and F. Lynn Moseley, based in Yorktown, Virginia, with a mailing address in Laguna Beach, California.

Who's buying cell records online? Cops - A congressional panel investigating the fraudulent acquisition and sale of mobile phone records by Internet Web firms has collected evidence that indicates law enforcement officials at the local, state and federal levels use the Internet-based services as an investigative short-cut, MSNBC.com has learned. At least one Web-based data seller has told Congress that the FBI is a client.

Phone-list sellers: We help cops - Earlier this year, Congress launched an investigation into the sale of cell phone records after the FBI and Chicago Police warned that Web-based firms could sell their officers' calling lists to criminals. Now some of the companies under investigation for fraud are telling Congress they have provided personal information to the FBI and other law enforcement agencies.

FBI buys illegally acquired phone records for investigations - Some feel that the government isn't taking these allegations seriously enough. Information security consultant Rob Douglas was involved with the subcommittee's investigation into fraudulent acquisition of data. He resigned as a result of concerns that the federal government failed to fully investigate use of illegally obtained data by government agencies, particularly the Department of Homeland Security. A Department of Homeland security spokesman denies the allegation.

Bob the writer, Bob the molester – There’s Bob Sullivan, the Red Tapes Chronicle author. Then there’s Bob Sullivan, who might be a bankrupt child molester with a brother who’s a killer.

State says firm used fraud to get cell records – [Illinois] A company under investigation by Congress was sued Wednesday by Attorney General Lisa Madigan for allegedly using fraud to obtain Illinois consumers' cell phone records. Advanced Research Inc. of New Jersey sold the records to an Illinois investigation firm four times between 2003 and 2005, the lawsuit said. In one case, the private investigator bought the records on behalf of a client planning to sue the owner of the phone, the lawsuit said. The investigator was not named in the lawsuit filed in Springfield. Also listed as defendants were Rolf Michael Martin, president of Advanced Research Inc., and vice president Bruce T. Martin, as well as ARI-Advanced Research LLC of Oregon.

Madigan sues New Jersey firm over cell record sales - Attorney General Lisa Madigan has sued a New Jersey company, alleging that its owners used fraud to obtain Illinois consumers' cell phone records. Madigan filed the lawsuit in Springfield Wednesday against Advanced Research Inc., company president Rolf Michael Martin, vice president Bruce T. Martin and Oregon-based ARI-Advanced Research LLC. The lawsuit alleges that the Martins and their employees obtained consumers' records by misrepresenting themselves as cell phone account holders or employees of the cell phone company. The suit says Advanced Research charged $125 for a list of up to 100 outgoing calls and $145 for incoming calls…Madigan has filed two other similar suits this year as part of a crackdown on the sale of consumer cell phone records. She sued Florida-based Data Trace USA and two employees last month and locatecell.com in January. An Associated Press call to the number listed on Advanced Research's web site was not immediately returned Thursday morning.

House Subpoenas Phone Data Sites - Web sites selling confidential consumer telephone data are refusing to comply with a U.S. House of Representatives' request for information, prompting the Energy and Commerce Committee to issue subpoenas to a dozen companies.

Missouri Targeting Web Sites Selling Phone Records - Congress and more than half the states have considered bills that would criminalize the sale of phone records. Missouri, Illinois, California, Florida, Texas and several cell phone providers have also filed lawsuits alleging violations of existing fraud laws…Missouri lawmakers on Thursday passed separate measures in the House and Senate that would make buying or selling phone records a felony.

Cell Phone Record Bill Updated In House - A bill to ban the sale of personal cell phone records in Maine is being updated, because the technology involved in stealing wireless phone records is changing so fast…Rep. Lawrence Bliss of South Portland on Thursday presented an amendment to address spyware, software that snatches information from cell phones.

For Sale: Your Life on the Internet - "In the U.S., Americans are terrified of Big Brother. Yet we have no problem allowing lots of Little Brothers, such as the credit card companies, to have our information indefinitely. So now we have thousands of Little Brothers and the Internet giving us hundreds of new ways to track people," said Andrew Jaquith of the Yankee Group.

House Committee on Energy and Commerce Approves New Data Security Legislation - Members Vote 41-0 to Strengthen Security Requirements. The House Energy and Commerce Committee unanimously approved new data security laws Wednesday that will ensure consumers' personal information is closely guarded and consumers are notified when they are at risk. "Nobody needs to be left in the dark when their data has been compromised by a crook," said Chairman Joe Barton, R-Texas. "Financial information has benefited from security protections for many years. But criminals can cause harm with other sensitive personal information that many companies have and it is time for a federal standard which protects that information"… The bill "sends a clear message: 'If you can't protect it, don't collect it,'" said U.S. Rep. John Dingell, D-Mich., the committee's ranking member. "This is legislation that consumers deserve if we are to help them and our economy defeat the growing menace of identity theft," said U.S. Rep. Cliff Stearns, R-Fla., chairman of the Commerce, Trade, and Consumer Protection Subcommittee. Stearns is the lead sponsor of H.R. 4127 and co-sponsors include House Republican Conference Chairman Deborah Pryce, R-Ohio. "The privacy of millions of Americans has been put on the line by information brokers and businesses with lax safeguards. It is easy to be a data burglar in the Digital Age, when a person's Social Security number, home address, and credit history are available at the click of a button," added U.S. Rep. Jan Schakowsky, D-Ill., ranking member of the Commerce, Trade and Consumer Protection Subcommittee. "The DATA Act would set a federal standard that ensures that consumers' personal information is accurate and kept secure. It requires that consumers will be notified if their privacy may have been violated because of a security breach. This bill puts up a firewall that will make it more difficult for data thieves to break through, protecting consumers from identity theft and fraud." The bill places new requirements on specific companies that specialize in collecting personal data. These "data brokers" will be required to implement effective security safeguards. If there is a reasonable risk of identity theft to the individual to whom the personal information relates, fraud or other unlawful conduct, these data brokers must notify consumers. Additionally, data brokers will be prohibited from falsely representing themselves to obtain personal data.

Alien Charged with Identity Theft and Making False Statements to Obtain U.S. Passport, Reports U.S. Attorney - United States Attorney Michael J. Sullivan and James P. Ennis, Special Agent in Charge of the U.S. Department of State Diplomatic Security Service announced today that NUHU MOHAMMED of Quincy, a 48 year old man, was charged in an indictment with making false statements in an application for a U.S. passport and identity theft. The indictment alleges that NUHU MOHAMMED, an alien, applied for a U.S. passport under a false identity. MOHAMMED, the President of All States Mortgage Co., Inc., formerly known as Saudi Holdings, Inc., used another person's birth certificate from Puerto Rico as proof of citizenship. In addition, he presented a false Massachusetts Identification Card, consisting of his own photograph with the identifying information of the person born in Puerto Rico, as proof of identity.

Florida privacy suit can proceed - The Supreme Court declined Monday to stop a lawsuit accusing a bank of improperly buying Florida motor-vehicle records…At issue was whether Florida drivers whose information was shared had to prove actual damages to recover money under the federal Driver's Privacy Protection Act…The lawsuit, claiming that the company did not have consent to get the personal information, could cost the company $1.4 billion, Scalia wrote. "Because of other class actions currently pending in Florida, involving the same question, the total amount at stake may reach $40 billion," Scalia wrote.

GAO: Customs Failed 'Dirty Bomb' Test - Congressional investigators testing U.S. port security smuggled enough radioactive material into the United States last year to make two radiological "dirty" bombs, officials told a Senate panel yesterday. In December, undercover teams from the Government Accountability Office, Congress's audit arm, carried small amounts of cesium-137 -- a radioactive material used for cancer therapy, industrial gauges and well logging -- in the trunks of rental cars through border checkpoints in Texas and Washington state. The material triggered radiation alarms, but the smugglers used false documents to persuade U.S. Customs and Border Protection inspectors to let them through with it. "These are documents my 20-year-old son could easily develop with a simple Internet search," said Sen. Norm Coleman (R-Minn.), who chaired the hearing into covert nuclear threats before a Senate Homeland Security and Governmental Affairs subcommittee yesterday. "It is a problem when it is tougher to buy cold medicine than it is to acquire enough material to construct a dirty bomb." Jayson P. Ahern, an assistant commissioner for field operations for Customs and Border Protection, said U.S. customs officers were unable to confirm the validity of counterfeit Nuclear Regulatory Commission licenses presented by testers, but a system will be in place within 30 days to do so.

Suffering in silence with data leaks - Lynn Perry was living an online shopping nightmare. A hacker had snatched her home address and phone and credit card numbers--even the three-digit security code printed on the back of her credit card--and was offering them to anyone willing to pay the asking price: $5. Perry, a copyright attorney from Mill Valley, Calif., was among 10 people whose personal data was posted last month on a Web site that specializes in the trafficking of stolen information. Even worse, no one bothered to tell her that her credit card information had been compromised. It's likely that no one was required to do so. Much to the chagrin of consumer advocates, the disclosure laws passed by 23 states during the past three years have had little impact when it comes to ensuring consumers are notified about data theft or loss.

Fake ID business booms in Los Angeles - The Federal Trade Commission says identity theft is one of the fastest-growing crimes in the country. The thieves often use phony Social Security numbers belonging to innocent citizens — and do it with the greatest of ease…Kevin Jeffery, a special agent with the Immigration and Customs Enforcement Service, says computers make it easy for the forgers. "The document vendors themselves, they just make up random numbers," Jeffrey says. "To do this would take maybe about two minutes, tops." Jeffery says Los Angeles, with its huge population of illegal immigrants, is the counterfeit document capital of America. NBC News asked an employee of its Spanish language sister network, Telemundo, to walk through Los Angeles' MacArthur Park, where he was approached four times in 30 minutes by document vendors.

Credit Card Scam Investigated in D.C. - A woman posing as a Washington Post employee is suspected of duping dozens of the newspaper's advertisers into turning over their credit card numbers, according to The Post and the U.S. attorney's office. Using the telephone numbers placed in classified ads, the woman would call advertisers claiming that she worked for the paper, Post spokesman Eric Grant said in a statement yesterday afternoon. The woman would explain that the advertiser's credit card number had not gone through and that she needed to run it again. After the person provided the card information, the woman would use it to start making charges to that account. At least 50 people have been victims of the scam, according to a person familiar with the case who spoke on the condition of anonymity because charges have not been filed.

Lawmakers Expect to Probe IRS Privacy Plan - The House Republican who oversees the Internal Revenue Service budget wants to know more about a proposal to change privacy rules governing tax preparers who handle taxpayers' personal information. The proposal alarmed consumer groups and some lawmakers, who fear the changes could open taxpayers to more widespread disclosure or sale of personal information…Rep. Joseph Knollenberg, R-Mich., chairman of a House Appropriations subcommittee, plans to solicit more details from IRS Commissioner Mark Everson at a Wednesday hearing examining the president's budget request for the tax collectors, a spokeswoman said.

Alleged spammer pays $900,000 fine - An Internet marketing company that offered free movie tickets in exchange for friends' e-mail addresses agreed to pay a $900,000 fine to settle charges it violated federal anti-spam laws, authorities said Friday.

Sahadi: You want a piece of me? Pay me - "That business and government are profiting off of our information is a huge public policy question," said Rob Douglas, founder of PrivacyToday.com who has often testified on such matters before Congress. But, he said, it's a question largely ignored by lawmakers so far.

ATM theft investigators eye software flaw - U.S. retailers are being warned that software they use at checkout counters may store too much customer information — including customer debit card PIN numbers that are supposed to be immediately erased or encrypted.  And to make matters worse, researchers believe that hackers can sometimes pluck the valuable data right out of thin air, thanks to insecure wireless networks at some stores.

The Spy in Your Pocket - Wesley Clark built a campaign for President as an expert in national security. But he recently discovered a hole in his personal security--his cell phone. A resourceful blogger, hoping to call attention to the black market in phone records, turned the general into his privacy-rights guinea pig in January. For $89.95, he purchased, no questions asked, the records of 100 cell-phone calls that Clark had made. (He revealed the ruse to Clark soon after.) "It's like someone taking your wallet or knowing who paid you money," Clark says. "It's no great discovery, but it just doesn't feel right." Since then, Clark has become a vocal supporter of the movement to outlaw the sale of cell-phone records to third parties…Clark's allies in Congress drafted a bill to ban the sale of wireless-phone records, but it stalled in the Senate last week. In the meantime, spy outfits pose as subscribers to obtain records, then sell them to private investigators, divorce lawyers or anyone else with a credit card. Verizon Wireless and other carriers shut down one notorious data broker, Locatecell.com "There are thousands of companies doing this," says Robert Douglas, a security consultant and former private investigator. He notes that there are about 60,000 licensed private investigators in the U.S. "Unfortunately, anyone worth his salt knows who to turn to for phone records," he says. Wireless carriers are also revamping their practices to deter infiltration. Most will no longer release calling records by fax or e-mail. They have even tightened rules about giving records to people who claim to have lost a cell phone.

Stolen Fidelity computer raises privacy fears - A laptop belonging to Fidelity Investments that held the names, addresses, birth dates, Social Security numbers and other information of 196,000 retirement account customers was stolen last week, the company says.

Sprint Nextel Targets Florida Pretexter - Sprint Nextel took a number at the courthouse Monday to become the latest phone company to sue an alleged pretexter, people who impersonate another in order to illegally obtain confidential phone data. The suit filed in Florida targets a private investigation firm that Sprint Nextel (Quote, Chart) claims employs deceptive practices to illegitimately obtain customer call records and then sells the information to online brokers. Sprint Nextel has requested both temporary and permanent injunctions against the investigative firm of San Marco & Associates of Fort Lauderdale, Fla. "As we dig deeper into the origins of this fraud, we've determined that, in some cases, companies with no Internet presence whatsoever are handling the dirty work for these online operations," Kent Nakamura, vice president for telecom management and chief privacy officer for Sprint Nextel, said in a statement. With the suit, Sprint Nextel continues its pursuit of pretexters, who are also at the heart of proposed federal legislation to stop online sites from selling confidential phone records. Phone companies maintain their systems are secure with the information being obtained through pretexting…Sprint Nextel also has an outstanding complaint against All Star Investigations, a company believed to own and/or operate OnlinePI.com, Allstarinvestigations.com, Detectivesusa.com, Miamiprotection.com and Privatedetectivesusa.com. "We indicated previously that we would take any action necessary to eliminate this threat, and we are following through on that promise to our customers," Nakamura said.

The real threat to the Internet - Last week came yet another story predicting doomsday for the Internet. Except this time, it wasn't a Digital Pearl Harbor that was coming. It was a "Katrina of the Internet." Ordinarily, I would just shrug off such a story -- there are always two or three of these each year -- and recommend that readers do the same. After all, the Internet sky has been said to be falling many times, and yet, it never seems to happen. But this story was written by Ted Bridis at the Associated Press, whose work is beyond reproach. So I dug in, and sure enough, there is something to be worried about. [Another must-read by Bob Sullivan over at The Red Tape Chronicles]

Visa warns software may store customer data - A popular software that retailers use to control debit-card transactions may inadvertently store sensitive customer information, including PIN codes, says Visa. Two versions of cash-register software made by Fujitsu Transaction Solutions are under scrutiny, according to a warning Visa issued to the companies that process card transactions for some of the nation's largest retailers. A Visa representative confirmed that the warning was sent…Visa's warning, which was first reported by The Wall Street Journal on Friday, has raised eyebrows in the financial and retail sectors. The software was flagged at a time when thousands of debit-card holders across the country have reported unauthorized withdrawals from their accounts. Bank of America, Washington Mutual and Citibank are among the financial institutions that have replaced more than 200,000 debit cards in the past two months and have told customers that thieves obtained vital debit-card information as a result of a security breach at a large merchant. One commonality among the fraud victims, according to law enforcement and banking officials, is that most had shopped at one of Fujitsu's clients: OfficeMax.

'Computer terrorist' Mitnick teaches hacker blocking - He can find George Bush senior's Social Security number and Leonardo DiCaprio's mother's maiden name in under 15 seconds, and led the FBI on a three-year manhunt as he hacked his way into the world's biggest firms. "Computer terrorist" Kevin Mitnick is one of the world's most famous computer hackers and became a cause celebre after breaking into networks and stealing software at companies including Sun Microsystems and Motorola. Now Mitnick travels the world teaching companies how to guard against people just like him. He argues that while sophisticated technology can help keep networks clean from viruses, it is useless if hackers can con a company's employees into handing over passwords by posing, for example, as colleagues. "Hackers find the hole in the human firewall," Mitnick told an information technology security conference on Wednesday in Johannesburg, South Africa. "What's the biggest hole? It's the illusion of invulnerability." "Social engineering"--as hackers call tricking people--formed the main thrust of his career, in which he penetrated some of the world's most sophisticated systems often by persuading unwitting staff to hand over top-secret information. Mitnick, now in his early 40s, started hacking phone systems in his teens before moving on to computers, but says he never stole money or caused deliberate damage and hacked just for the thrill of it.

ANZ to move files to India - The confidential banking records of three million customers of the ANZ Bank are being moved offshore to India. In a move that has alarmed consumer groups and police, much of the bank's search and retrieval processes of the records will be undertaken in ANZ's offices in Bangalore.

Madigan sues over cell phone records - Dozens of Illinois residents have bought cell phone records from a Florida information broker without the owners of the phones giving their consent, according to a lawsuit filed Wednesday by state Attorney General Lisa Madigan. A subpoena of Data Trace USA Inc. has revealed 36 orders by Illinois purchasers for "cell phone billing detail cycles" between Sept. 22 and Feb. 22, the lawsuit said. They paid anywhere from $165 to $440 for the information…Madigan is accusing Data Trace and two of its employees of falsely representing themselves as account holders or telephone company employees to gain access to the information. She is seeking penalties of up to $50,000 for each violation under the Illinois Consumer Fraud and Deceptive Business Practices Act. Her lawsuit quotes a Data Trace advertisement that said: "You provide working cell phone number, name and address (SSN if you have it). We will provide you all incoming & outgoing calls from the most recent billing cycles available. RESULTS IN 1 BUSINESS DAY VIA E-MAIL."… "These companies don't care if giving out this information jeopardizes a person's security," said Madigan, who has testified before Congress about the issue. "They are just looking to make a profit from invading individuals' privacy."

Identity theft on the rise in S. Florida as bad drivers try to avoid traffic violations - The problem of drivers stealing other peoples' identities has been around for years, long before the term "identity theft" was coined. But it appears to be growing in Broward County and nationally as drivers give the name of their mother or father, daughter or son, aunt or uncle, friend or enemy. Even triplets do it, Broward judges have found…It is so common that Broward State Attorney Michael J. Satz about 10 years ago created his "Not Me Unit." Its job is to clear the innocent and prosecute the liars. It handles about 2,000 identity theft cases a year, with about 1,000 of those resulting from traffic charges, according to Assistant State Attorney David Weigel, who runs the unit, and Annie Guialdo, the unit's legal assistant.

Opening the Door on the Credit Report and Throwing Away the Lock - In a dozen states, legislatures have set up procedures for residents afraid of identity theft to lock and unlock their credit reports. But credit-reporting agencies are pushing Congress to override the state laws, which could make it harder for Americans to keep their credit information under wraps. Lobbyists for the big agencies Equifax, Experian and TransUnion, owned by the Marmon Group are seeking to add an amendment to the Financial Data Protection Act, a bill being rewritten by the House of Representatives. (A similar bill, S1408, is working its way through the Senate.) While the wording has not been set for the bill, also known as HR3997, lobbyists for the credit agencies are pushing for a law that limits the ability to lock credit reports to victims of identity theft. Moreover, the reports could be unlocked with five days' advance notice. Once a report is locked, an agency cannot release any of its details. Consumer groups are upset that a federal law might supersede what has been done at the state level.

Congress may gut identity-theft laws – [Mercury News Editorial] Two effective, consumer-friendly laws have given Californians powerful tools to protect themselves against identity theft. Under the guise of protecting all Americans from this growing crime, Congress wants to take those tools away. The California congressional delegation must not allow it. It should fight instead to extend the rights enjoyed by Californians to others around the country. The first law forces companies that lose sensitive information about consumers -- or have that information stolen -- to notify those affected. The law helped publicize data breaches at ChoicePoint and dozens of other firms and put millions of Americans on notice that they were at risk of identity theft. The second law gives those who believe they are at risk of being victimized a nearly fail-safe way to protect themselves by placing a ``freeze'' on their credit reports. Accounts that are frozen are invulnerable to identity thieves. The laws were hailed as a model, and not surprisingly, Congress began thinking about following in California's footsteps. But if the bill that passed the House Committee on Financial Services is any indication, Capitol Hill's idea of a solution appears to be to sweep the identity theft problem under the rug…Having a national data-breach law -- rather than a patchwork of state standards -- makes sense, but it must be modeled after California's no-loophole statute. And when it comes to giving citizens the right to freeze their credit, Congress should think about the following: It's considered good practice to install smoke detectors before there's a fire.

Europeans tougher on identity protection than U.S. - To Europe, America looks a lot like one big Wild West still in need of some taming, at least when it comes to privacy laws. Privacy experts say that stricter controls on personal data and credit cards make it much harder for criminals in Europe to steal someone's identity or to use someone else's accounts to make financial transactions. "The United States today experiences much higher levels of identity theft, spam and government profiling than Europe because we have failed to establish necessary legal safeguards," said Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC), a Washington, D.C.-based advocacy group.

Identity Theft Hits Close To Home; Threat Is Real - Pa. State Police from Emporium, Kane and Coudersport have seen an increase in reports of attempted "identity theft" and related crimes by crooks who may live as far away as Africa. Robert and Sally Garman of Cameron County were among the victims. Last December, they noticed that the balance of their bank account was slowly dropping. The Garmans visited the bank and discovered that a thief had been using their debit card account to purchase pets, donate to a church and rent hotel rooms in four European countries. By the time they cancelled the card number, some 16 bogus transactions had been made.

Tax filers report identity theft - Jimmie Roberts Jr. of Montgomery went to have his taxes prepared only to find that his Social Security number had been used as a dependent on someone's fraudulent return. According to Montgomery police reports, Roberts isn't the only person who has received this news. At least six other people in Montgomery have reported similar crimes this year. "We have this happen every year," said Dan Boone, a spokesman for the Internal Revenue Service. However, Boone said he was shocked to find out so many cases had happened in one city in such a short period of time.

Even torn-up credit card applications aren't safe - The Red Tape Chronicles – What if a desperate identity thief digging through your trash found a credit card application ripped into little pieces, taped it back together, filled it out and mailed it in?  Would he get the credit card? [Well, I know you know the answer is yes, but there’s a lot more to this story and it’s today’s must-read.  Good friend Bob Sullivan (with a bit of help from an “Internet prankster”) has pulled the pants of Chase’s credit card operation. And it ain’t purty!]

Phone Records - Arizona Legislative Update - The House voted unanimously Monday to make it illegal for companies or individuals to use deceptive means to obtain the phone records of any Arizona resident. The proposed law comes as some firms advertising on the Internet have offered to sell anyone's phone bills. But the information usually is obtained from the phone company through illegal means, often by someone posing as a police officer or investigator. Rep. Jonathan Paton, R-Tucson, wants to make the sale of such records illegal and also directs phone companies to establish procedures to protect against unauthorized disclosure. The measure now goes to the Senate.

Congress, FCC: Carriers Must Get CPNI Act in Order! - One thing’s certain: by the time Congress, the FCC and EPIC are finished with their efforts, pretexting and marketing private call records will be illegal, and the rules carriers have been required to follow are about to become more stringent.

Targeting Thieves Who Steal Cell Phone Data - New Jersey is on the front line of a nationwide battle to ban businesses that fraudulently obtain peoples' cell phone data-such as billing addresses and lists of people they talk to-and sell them to private investigators, divorce lawyers, rival businesses and others for around $100 a list…"These records can reveal the names of a person's doctors, their public and private relationships and business associates," says state Assemblyman David Mayer (D-Gloucester), who last week introduced legislation (A-2359) that would make obtaining and selling the data a crime. "In this day and age when identity theft is running rampant, we have to do all we can to protect this type of information from getting into the wrong hands."

IRS warns taxpayers to beware ID theft scams - The Internal Revenue Service, noting an escalation in identity theft scams, is raising alarms about e-mails designed to dupe taxpayers into revealing personal financial information. IRS and Treasury Department officials have noticed an increase this winter in the frequency and sophistication of "phishing" schemes that use the tax agency's logo to lure victims. "There does seem to be a proliferation of them this filing season," Richard Morgante, commissioner of the IRS wage and investment division, said Monday. "We have more thieves trying to take advantage of the filing season than we've seen in the past."

Internet blows CIA cover - She is 52 years old, married, grew up in the Kansas City suburbs and now lives in Virginia, in a new three-bedroom house. Anyone who can qualify for a subscription to one of the online services that compile public information also can learn that she is a CIA employee who, over the past decade, has been assigned to several American embassies in Europe. The CIA asked the Tribune not to publish her name because she is a covert operative, and the newspaper agreed. But unbeknown to the CIA, her affiliation and those of hundreds of men and women like her have somehow become a matter of public record, thanks to the Internet. When the Tribune searched a commercial online data service, the result was a virtual directory of more than 2,600 CIA employees, 50 internal agency telephone numbers and the locations of some two dozen secret CIA facilities around the United States. [This is a frightening read and something we hope the CIA, the administration, and Congress will address immediately!]

E-mail marketing firm settles data mining case - A company accused of using unauthorized personal data "mined" by other firms from about 6 million e-mail addresses nationwide has agreed to reform its practices under a $1.1 million settlement, New York officials said Sunday. Datran Media Corp. of New York City, a leading e-mail marketer, used e-mail addresses and other personal data it obtained from several companies, New York Attorney General Eliot Spitzer's office said.  The settlement was scheduled to be announced Monday. The Internet "customer acquisition" companies proclaimed on their Web sites that they wouldn't lend or sell the information provided.  Consumers were often enticed to reveal their names, addresses and financial data in exchange for free iPods and DVD movies.

Street-Level Credit card Fraud - Until recently, Las Vegas police officers couldn't figure out why some of the prostitutes and drug addicts they arrested were found carrying multiple hotel room keys and slot machine player's club cards. When confronted, the suspects said they kept them as souvenirs or found them on the sidewalk. The cops initially assumed that the cards were stolen, or -- in the case of the prostitutes -- perhaps belonged to some of their more frequent clients. "It was getting fairly regular that in post-arrest inventory, we would find eight to 10 room key cards ... all from different hotels," said Dennis Cobb, deputy chief of the Las Vegas Metropolitan Police Department's Technical Services Division. The mystery began to unravel when a LVMPD officer slid one of the keys through a machine that reads the data stored on the card's magnetic stripe. Each swipe revealed a 16-digit credit number, a date, a person's name and the name of a bank. That's right, the keys functioned exactly like credit cards, allowing the carrier to pay for merchandise at any store or market where customers do their own swiping. [This is a fascinating read!!!]

Insurers Happy with Utah Privacy Bills - In its just-concluded session, the Utah Legislature passed legislation to protect consumers from unauthorized access to their credit-related information, while preserving insurers' access to credit data, Property Casualty Insurers Association of America (PCI) Regional Manager Kenton Brine said. "Utah legislators -- and especially Sen. Carlene Walker -- showed great leadership in approving measures that provide strong protection for consumers from illegal access to their personal information without needlessly interfering in relationships between consumers and the businesses that serve them," Brine said. Senate Bill 69, if signed into law, will require that consumers be notified when their personal information held by data companies, financial institutions, retailers or others is exposed to unauthorized access, stolen or lost. But early versions of the bill did not prevent the filing of frivolous class action lawsuits in connection with alleged breaches or notification procedures. PCI worked with lawmakers to add amendments prohibiting creation of a private right of action under the bill, the association said. [Ah yes—it’s always the “private right of action” they fear most!]

Republicans face awkward identity theft fix – [Ohio] Republicans clamping down on a potential identity theft crisis must tread carefully because the issue involves one of their own candidates for governor.

Everything You Ever Knew About Yourself -- for $79.95 - So for $79.95 at MyPublicInfo.com, you can buy a one-time data snapshot of yourself, a detailed portfolio Kraft calls a "Public Information Profile" (PIP), culled from more than 5,000 data sources nationwide. MyPublicInfo taps your info -- plus data mistakenly connected to or confused with your identity -- from the brimming databanks of super-data aggregators such as ChoicePoint, LexisNexis and Acxiom as well as from small and specialized databanks and primary sources such as courthouses. Included in your PIP? Criminal records, bankruptcy records, liens and judgments, insurance claims, address and telephone histories, real estate transactions (even aerial photos of your house!), professional licenses, motor-vehicle registrations, unclaimed assets, etc.

Protect yourself from identity theft before it happens - A new Web site designed to help people protect their credit before it gets stolen went online Monday. TrustedID, created by Scott Mitic, the former vice president of business development at Fair-Isaac and Omar Ahmad, the former chief investment officer of Napster and Webmaster at Netscape, lets you freeze your credit report and force companies to double-check with you before opening a line of credit in your name.

Your Phone Records in Peril - The data broker scandals of the past year and the phone record problems of this year are part and parcel of the same problem: Our private information is out there and it's not being protected well enough. The data stores will only keep growing. We need standards for their protection, and thus ours.

"Worst Hack Ever;" Citibank Only The Start - The unfolding debit card scam that rocked Citibank this week is far from over, an analyst said Thursday as she called this first-time-ever mass theft of PINs "the worst consumer scam to date."

Patriot Act Partly Blamed in Madrid Case - The FBI used expanded powers under the USA Patriot Act to demand information from banks and other companies as part of the investigation of Oregon lawyer Brandon Mayfield, who was wrongfully arrested in connection with the Madrid train bombings in 2004, according to a report issued yesterday. Inspector General Glenn A. Fine also found that although FBI investigators did not abuse any of its powers in the case, the Patriot Act anti-terrorism law "amplified the consequences" of the FBI's misidentification of a fingerprint by allowing numerous agencies to share flawed information…One of the most notable details revealed by yesterday's report was the FBI's use of "national security letters," a form of administrative subpoena that allows agents to demand records from banks, telephone companies and other firms. The FBI's ability to use such letters was greatly expanded by the Patriot Act, which was reauthorized with some changes this week. The FBI issued numerous such letters in Mayfield's case, although the exact number is censored in Fine's report. The report says "several" of the letters did not directly pertain to Mayfield, indicating that the FBI obtained records about other individuals as well -- a move that likely would not have been allowed before the Patriot Act reforms, the report said. The report also details a series of covert searches of Mayfield's home and office through the use of a warrant obtained under the Foreign Intelligence Surveillance Act. Another round of searches of Mayfield's office, home and vehicles was also conducted on May 6, 2004, but those were done under the authority of a regular criminal warrant, the report said.

Privacy worries motivate requests to close records - Worries about privacy and identity theft, rather than fears of terrorism, have motivated many of the North Dakota Legislature's recent proposals to deny access to public records, an Associated Press review shows…"A lot of it has to do with how easily information can be accessed and disseminated over the Internet," Attorney General Wayne Stenehjem said. "I think that was a a bigger factor than 9/11."… In the last four years, lawmakers have approved a broad prohibition against disclosing someone's Social Security number or medical information on public records. Agencies are obliged to release documents with restricted information, as long as the exempt information is blacked out. Other bills were intended to implement new federal laws that shield the disclosure of individuals' medical and banking data.

City employee gets two years in prison in ID-theft case - A city employee who stole mail from a Chula Vista post office and used her work computer to steal personal identifying information was sentenced Tuesday to two years in state prison…The identity theft resulting from the defendant's access to the city's water billing database was limited to four people, including her supervisor, police said. “They didn't lose money, but they got a lot of headaches,” Deputy District Attorney Joan Stein said outside court. The people who lost money had mail taken from the South Bay post office, Stein said. Lawrence, who worked as a dispatcher, used a small metal device to open more than 12 mailboxes and used the personal information to make credit card purchases, Stein said…When Lawrence was being booked into jail, she had a piece of paper in her shoe detailing personal identifying information on more than a dozen people, including a sheriff's deputy who was taking her into custody, Stein said.

Undisclosed number of Verizon employees at risk of identity theft - A theft of two laptop computers has put a "significant number" of Verizon Communications' employees at risk of having their identities stolen, the company said Wednesday.

The best privacy consultancies - Within the past few years, privacy consulting has grown into a $400 million market in the U.S., and at least a dozen American law firms and each of the Big Four auditors have come to boast of a robust privacy practice. But to corporate executives, these consultancies can all sound like they're selling the same thing: the master plan for keeping the company's name out of Computerworld's privacy breach roundup. So which ones can you turn to for the best advice?

Site makes identity theft possible, lawsuit says - A Brown County man filed a class action lawsuit in U.S. District Court in Cincinnati on Thursday demanding that Ohio Secretary of State J. Kenneth Blackwell immediately stop posting on his Web site documents containing Ohioans' Social Security numbers.

Woman pleads guilty to identity theft - A Massachusetts woman has pleaded guilty in New Hampshire to identity theft linked to a pickpocketing operation.

MA House unanimous in privacy vote - Consumer privacy advocates have scored a victory with a unanimous vote in the House for a bill limiting insurance companies’ access to so-called black-box data recorders found in many new cars.

Court weighs openness versus privacy - A [PA] state court panel Thursday weighed how to balance privacy concerns with using the Internet to give people access to records.

Privacy rules snarl search for suspect - Call it a lesson in state and federal privacy rules. That’s how local law enforcement officers and a prosecutor are describing the challenges they faced while trying to track down a man who was supposed to return to jail after his release from a state treatment center in Willmar…Blue Earth County Sheriff Brad Peterson said the experience has convinced him privacy laws should be “tweaked” to allow treatment centers to alert law enforcement when someone is violating the conditions of their release from jail…Federal laws don’t allow social workers to give that information to police, said Robert Meyer, Blue Earth County Human Services director. And employees are bound by the federal privacy laws, which are more stringent than state laws, while someone is in treatment. It doesn’t matter if that person is facing criminal charges and is out of jail on a court order, he added.

Two Charged In Identity Theft In Obtaining Mortgage - “Acting on a tip from a mortgage investigator, the two would-be borrowers were apprehended earlier this week as they sat down at the mortgage closing table in Jamaica, Queens”, district attorney Richard A. Brown said. “When questioned by police, the defendants allegedly produced various forms of personal identifiers, including a New York State driver’s license, a permanent resident (green) card and various credit cards, none of which were in their actual names.”

SD Gov. Rounds Signs ID Theft Bill - Governor Mike Rounds signed a bill today that will allow identity theft victims to block all access to their credit reports for seven years. But this new law doesn't only make it easier for victims to repair their credit, it also sets the stage for more bills designed to protect consumer information.

PINs no obstacle for debit card thieves - With consumers around the country reporting mysterious fraudulent account withdrawals, and multiple banks announcing problems with stolen account information, it appears thieves have unleashed a powerful new way to steal money from cash machines. [This is a must-read by good friend Bob Sullivan. This was featured last evening on the NBC Nightly News.]

Phone Data Privacy Bill Heats Up in Senate - Momentum for a telephone data privacy bill began building in the U.S. Senate Wednesday, with Sen. George Allen (R-Va.) introducing legislation to outlaw the acquiring, selling or soliciting of someone else's phone records without their express consent. Sen. Ted Stevens, chairman of the Senate Commerce Committee, is co-sponsoring the bill, and the Alaskan Republican promised a hearing on the legislation next week. Two U.S. House committees have already passed similar legislation.

Cops break up identity theft duo - Two thieves allegedly racked up more than $500,000 in charges on bogus credit cards using the identity of more than 100 victims in what is believed to be one of Ottawa's largest identity theft scams…The duo allegedly used online employment ads to lure victims to send resumes, then sent a letter to the job seeker promising a high-paying position. The letter requested candidates to send a $20 administration fee and fill out an application form. The form asked for personal information such as a social insurance number, driver's licence, full name, and address. Investigators recovered 60 gold-level credit cards, social insurance cards, and Ontario and Quebec driver's licences under the names of the victims. Police estimate the accused ran up $500,000 in charges on the credit cards for things such as high-end electronics.

Victim in N.C. office shooting now facing identity theft charges - A man shot four times by a business partner during a meeting now faces charges of identity theft stemming from the incident.

House panel moves to shield phone records - Moving to block vendors who offer to obtain and sell consumers' telephone records, a U.S. House of Representatives panel on Wednesday passed legislation to bar the practice and boost security measures. The U.S. House Energy and Commerce Committee unanimously approved a bill that forbids the sale of telephone records as well as bars the emerging practice of impersonating subscribers to obtain their records and selling them on the Internet. The bill also mandates tougher Federal Communications Commission security rules for phone companies that maintain such records, as well as higher fines for phone companies that fail to adhere to the standards. "The problem is that these telephone calling records, which detail some of the most intimate and sensitive aspects of our lives, are easily available to anyone with an Internet connection, a credit card, and $100 to spend," said Rep. Joe Barton, the committee chairman and a Texas Republican…The measure would also require telephone carriers to get a customer's permission before sharing some specific call information with others for activities like marketing…The House panel also unanimously adopted an amendment that would bar telephone carriers from disclosing wireless telephone numbers without the consent of customers, which would make it difficult for the creation of a wireless telephone directory. "Consumers should not be subject to the unwanted privacy intrusion of having their cell phone records put on display without their express permission," said Rep. Edward Markey, a Massachusetts Democrat.

Panel OKs Bill To Ban 'Pretexting' Of Phone Records - A proposal to prohibit fraudulent access to telephone records sailed through a House panel with minimal objection, as the House Energy and Commerce Committee approved the bill by voice vote. The measure would make it illegal for online brokers to buy and sell individuals' monthly phone records. It would empower both the FCC and FTC to enforce new rules banning "pretexting," the practice of obtain customers' personal information under false pretenses.

Your Phone Records in Peril - Congress, outraged by a problem everyone can agree on, has acted swiftly (for Congress). Two related bills, one in the House of Representative, the other in the Senate, spell out the criminal behavior in these cases and propose tough penalties for violations. Both have recently passed out of committee with relatively little debate and are headed for a vote. Given the general agreement on the problem in committee, and the desire to protect voters (it's an election year, have you heard?), I'd bet these or similar bills will be passed. But none of the proposed bills addresses the need for stronger privacy protections at the phone company level, or broader privacy standards for any company that gathers and stores information about us.

Famed "computer terrorist" teaches anti-hacking - He can find George Bush senior's social security number and Leonardo DiCaprio's mother's maiden name in under 15 seconds, and led the FBI on a three-year manhunt as he hacked his way into the world's biggest firms. "Computer terrorist" Kevin Mitnick is one of the world's most famous computer hackers and became a cause celebre after breaking into networks and stealing software at companies including Sun Microsystems and Motorola. Now Mitnick, from the United States, travels the world teaching companies how to guard against people just like him. He argues that while sophisticated technology can help keep networks clean from viruses, it is useless if hackers can con a company's employees into handing over passwords by posing, for example, as colleagues.

Privacy fear as Google plans 'super database' - GOOGLE, the internet giant, is planning a massive online facility that could store copies of users' hard drives - a move set to spark alarm among civil liberties campaigners…In the presentation notes, the chief executive, Eric Schmidt, made a cryptic comment that one goal of Google was to "store 100 per cent" of consumer information".

Democrats' Data Mining Stirs an Intraparty Battle - A group of well-connected Democrats led by a former top aide to Bill Clinton is raising millions of dollars to start a private firm that plans to compile huge amounts of data on Americans to identify Democratic voters and blunt what has been a clear Republican lead in using technology for political advantage…The pressure on Democrats to begin more aggressive "data mining" in the hunt for votes began after the 2002 midterm elections and intensified after the 2004 presidential contest, when the GOP harnessed data technology to powerful effect. In 2002, for the first time in recent memory, Republicans ran better get-out-the-vote programs than Democrats. When well done, such drives typically raise a candidate's Election Day performance by two to four percentage points. Democrats have become increasingly fearful that the GOP is capitalizing on high-speed computers and the growing volume of data available from government files and consumer marketing firms -- as well as the party's own surveys -- to better target potential supporters. The Republican database has allowed the party and its candidates to tailor messages to individual voters and households, using information about the kind of magazines they receive, whether they own guns, the churches they attend, their incomes, their charitable contributions and their voting histories.

Citibank cuts off some ATM cards - Says fraud on U.S. accounts has been spotted in Canada, U.K. and Russia.

Victim of ID Theft Tracks Down Suspect - A California man thought he was living life untouched by identity theft. When he found out otherwise, he flew to Salt Lake City to track the situation down…Anthony Cerini told me he couldn't even pay his taxes, because the IRS said they'd already been paid. That's how completely someone stole his identity. Now, that someone is in jail…Saturday, Cerini flew to Utah, eager to track down the i.d. thief. When Cervantes showed up, he called police. Det. Robin Snyder, Salt Lake City Police Dept: "We did have to bring both back to the department to figure out who was the real victim, because the suspect identified himself as the victim. So we did have to do some investigation on the two of them to determine who the suspect here was." Cerini suspects Cervantes is in the U.S. illegally--a motive for stealing his information. Now, he just wants the mess cleared up so he can buy his own house.

Nixon sues firm over phone records - Attorney General Jay Nixon has filed suit against a Florida-based company that sold phone records online, claiming it obtained the records illegally. Datatraceusa.com is the third Web site Nixon has sued since January. Two of the Web sites, locatecell.com and completeskiptrace.com, have already have been ordered to stop doing business in Missouri and with the state’s residents…The Florida company’s agents, Lina Vargas and Nick Scott, both of Hollywood, Fla., are also named as defendants in the lawsuit filed Monday in Cole County Circuit Court.

Pawlenty looks to alter privacy law - The path to government records might soon be littered with obstacles if Gov. Tim Pawlenty has his way. Pawlenty proposed Thursday revisions to a state law that for years has acted on the presumption that government records should be open to the public. His proposal, aimed at protecting citizens from identity theft, includes calls to limit the use of Social Security numbers as well as access to driver’s license data and personal phone records. Brian McClung, Pawlenty’s director of communications, said identity theft is a big problem that needs to be addressed. “In 2005, more than 3,000 Minnesotans were victims of identity theft,” he said, citing a Federal Trade Commission survey. “The governor thinks we can take some positive steps in doing a better job safeguarding personal information.” Pawlenty plans to limit the use of Driver and Vehicle Services data to only necessary circumstances, such as public health and safety uses, according to a news release. His proposal will also make it illegal for unauthorized people to obtain or receive another person’s telephone records. Violations could result in penalties for as long as one year in prison and a $5,000 fine, according to a news release. This consequence also would be extended to those who sell or disclose citizens’ Social Security numbers.

Cyber criminals stepping up targeted attacks: report - Cyber criminals are stepping up smaller, more targeted attacks as they seek to avoid detection and reap bigger profits by stealing personal and financial information, according to a report issued on Monday…Scams such as phishing attacks that trick users into revealing information such as passwords, credit card information and other financial information also rose, the report said.

8 accused of identity theft - Eight people are accused of running an identity theft ring that got Social Security numbers and other personal data from a Hamilton County Web site and used the information to ring up about a half-million dollars in spending. The suspects created false identification documents, opened credit accounts and produced counterfeit checks in several states…The indictment says they stole the personal information of hundreds of people in southern Ohio, resulting in about $500,000 in losses for individuals, financial institutions and retailers. The indictment outlines 103 instances of counterfeit checks or fraudulent credit transactions at stores in Ohio, Michigan and Kentucky…The personal information came from records on the Hamilton County's clerk of court Web site, other Internet sites and stolen mail. The suspects used the information to create identification documents with a victim's name but bearing the picture of a suspect; print counterfeit checks; open credit accounts; and access the victims' credit accounts, authorities said. Fraudulent purchases were made at such stores as Kohl's, Sears and Best Buy. American Express and Chase Bank were among the financial institutions that were victims. Hamilton County Court Clerk Greg Hartmann said he started removing documents containing Social Security numbers and some other types of personal data from the clerk's Web site about 14 months ago, before he was aware of the theft investigation.

FCC Probes Caller-ID Fakers - If you've ever used one of the half-dozen websites that allow you to control the phone number that appears on someone's caller ID display when you phone them, the U.S. government would like to know who you are. Last week the FCC opened an investigation into the caller-ID spoofing sites -- services that began popping up late 2004, and have since become a useful tool for private investigators, pranksters and more than a few fraud artists. A seven-page demand from the FCC's enforcement bureau sent to one such service, called TeleSpoof, says the commission is investigating whether the site is violating the federal Communications Act by failing to send accurate "originating calling party telephone number information" on interstate calls. A copy was also sent to VoIP service provider NuFone. The FCC is demanding business records from both companies, as well as the name of every customer that has used TeleSpoof, the date they used it and the number of phone calls they made… TeleSpoof's operator says he has about 600 users. Private investigators were his earliest customers, but ordinary consumers have found uses for his service as well, he says. In one case, a divorced father was able to talk to his child on Christmas by spoofing his caller ID to slip the call past his estranged ex-wife, he says. But last month Congress heard testimony that criminals have used the services while making pretext phone calls to wheedle private consumer information out of companies. The services have also reportedly been used to target businesses that rely on caller ID for authentication -- Western Union wire transfers service have been particularly vulnerable, as are T-Mobile voice mailboxes in their default configuration.

Technology facilitates Caller ID spoofing - Last fall, U.S. Rep. Tim Murphy’s office started getting phone calls from constituents who complained about receiving recorded phone messages that bad-mouthed Murphy. The constituents were especially upset that the messages appeared to come from the congressman’s own office. At least, that’s what Caller ID said. “People thought we were making the calls,” Murphy said. The calls, which the Pennsylvania Republican estimated in the thousands, were apparently placed with fake Caller ID. That has been possible for a long time, but it generally required special hardware and technical savvy. In the last few years, Caller ID spoofing has become much easier. Millions of people have Internet telephone equipment that can be set to make any number appear on a Caller ID system. And several Web sites have sprung up to provide Caller ID spoofing services, eliminating the need for any special hardware…Lance James, chief scientist at security company Secure Science Corp., said Caller ID spoofing Web sites are used by people who buy stolen credit card numbers. They will call a service such as Western Union, setting Caller ID to appear to originate from the card holder’s home, and use the credit card number to order cash transfers that they then pick up…In a slightly more complicated fashion, spoofing was part of the technique used by a hacker who broke into Paris Hilton’s cell-phone voicemail in 2004, according to security consultant Kevin Mitnick, who said he was citing hacking sources. The hacker apparently called the celebrity socialite posing as a technical-support person from the carrier, and lured the password from her. That is known as a “pretext” call — someone poses on the phone as a customer, employee or even a regulator to obtain personal information from companies and individuals. And indeed, while Spoofcard.com contends that its service is for “entertainment purposes,” it also notes that “Private Investigators will find Caller ID spoofing valuable for pretext calls.” Robert Douglas, a privacy consultant in Colorado, testified before Congress last month that pretexters trade tips on finding the best spoofing services. Pretexters generally claim their practices are legal, as long as they don’t involve financial information. A bill introduced in the Senate would make it illegal to pose as someone else to obtain phone records, or to buy records from phone company insiders. Douglas would like legislation against Caller ID spoofing as well, but there appears to be little interest in Washington. “If I’m paying extra for Caller ID, which I do ... there should be some ability on my part to believe what I’m getting,” Douglas said. In Alaska, State Representative Bob Lynn has introduced a bill to make spoofing a misdemeanor. “False caller identification is more serious than pranks, or the annoyance of intrusive telemarketing,” Lynn writes. “It facilitates fraud, and can be potentially deadly.” However, it is unclear what effect the bill would have. As Lynn notes, Caller ID is a federal issue.

Can Legislation Stop Identity Theft? - In many instances, companies are turning over control of data to third parties for processing or storage, often without first ensuring they can keep it safe, noted Privacy Rights Clearinghouse Director Beth Givens. "The easier it gets to transfer billions of bits of confidential data by pushing a button, the more difficult it is to safeguard our private records."

Four lose jobs after data breach at Oregon health care facility - One employee was fired and three others resigned in connection with the theft in late December of backup computer tapes and disks containing personal information and medical records on about 365,000 hospice and home health care patients from a parked car in Portland, Ore.

New threat to online bank accounts - Most people who use e- mail now know enough to be on guard against "phishing" messages that pretend to be from a bank or business but are actually attempts to steal passwords and other personal information. But there is evidence that among global cybercriminals, phishing may already be passé. In some countries, including Brazil, it has been eclipsed by an even more virulent form of electronic con - the use of keylogging programs that silently copy the keystrokes of computer users and send that information to the crooks. These programs are often hidden inside other software and then infect the machine, putting them in the category of malicious programs known as Trojan horses, or just Trojans.

Calif. Inmates Obtain Prison Employee Data - Inmates gained access to personal information about prison employees, including their Social Security numbers, after the state unlawfully allowed them to work in a warehouse storing the data, a guard union said Thursday. Inmates at Pelican Bay State Prison also had access to papers containing employees' birth dates and pension account information, as well as prison blueprints, said the California Correctional Peace Officers Association…One prisoner found with confidential records had asked an inmate serving time for identity theft to teach him how to use the information, Jimenez said.

Brokerage firms take steps to combat identity theft - Today's investor might hold a morning mug of coffee up to a Morgan Stanley brokerage statement, which now contains a mark made by heat-sensitive ink, to double-check its authenticity. That same investor might use a secret, six-digit code that changes every minute when accessing an account online through E*Trade Financial Corp. The code can't be intercepted because it's generated by a keychain-sized device with an algorithm known only to the brokerage firm. It may sound like an episode of CSI: Wall Street -- if there were such a show -- but the security measures are really the latest efforts by brokerage firms to combat an emerging area of identity theft. While an exact accounting of the problem isn't available, federal regulators and consumer advocates have warned recently about an increasing number of victims who have had their brokerage accounts liquidated and drained by thieves…Brokerage accounts have become a prime target because they typically hold more money than banking accounts. Also, wealthy brokerage investors tend to be older and may lack online know-how, making them easier to dupe with sophisticated computer schemes, security experts said. "Some of the brokerage firms are losing millions of dollars a month," said Avivah Litan, a security analyst at Gartner Inc., a research firm based in Stamford, Conn. "Thieves started out with bank accounts and as that became more difficult, they moved on to brokerage accounts. It's where the money is, though it is a little more tricky to get out."

Editorial - Invasion of privacy must stop - When Samajwadi party MP Amar Singh claimed in early January that his phone was being tapped and accused the Congress party president Sonia Gandhi of having ordered it, many thought it was a stunt meant to score political points over a rival…Three persons have been arrested, one running a private detective agency and the other an employee of a telecom firm which provided the phone line at Singh’s residence. The implications are extremely sinister. If an MP’s phone can be tapped, how vulnerable is the common citizen? The danger of invasion of privacy by the state as well as by, say, business rivals, has now multiplied several-fold because of the increase in the number of private telecom providers.

Online Game ID Theft Victimizes Thousands - More than 220,000 South Koreans have been victims of online identity theft in connection with a popular Web-based fantasy game, a sign of growing problems with information protection in one of the world's most wired countries.

Businesses urged to take action against corporate identity theft - Corporate identity fraudsters are costing businesses more than £50 million a year, according to the Finance & Leasing Association, which represents finance companies. The FLA warned that firms, which are increasingly concerned by the growth of company hijacking, must take "immediate action" to protect themselves. With the advent of chip and PIN, fraudsters appear to be turning from personal to corporate ID theft.

Tenn. Halts Immigrant Driving Certificates - Tennessee stopped issuing driving certificates to illegal immigrants Friday after investigators learned out-of-state applicants were using fake papers and bribes to get cards…One major problem, Nicely said, was the variety of documents, such as utility bills or housing leases, that people could use to prove they lived in Tennessee. The department was flooded with certificate requests, and employees were overwhelmed trying to verify the paperwork, he said…A dozen people pleaded guilty in recent months after two federal investigations found shuttles from as far away as New Jersey had brought South and Central American immigrants with fake residency papers to get certificates at state licensing centers in Knoxville. In January, federal prosecutors filed charges that state license examiners in Murfreesboro accepted bribes to provide out-of-state illegal immigrants with driver's licenses and certificates. Two people were sentenced to two years in prison after pleading guilty, and others are awaiting trial.

3 Firms Will Compete to Build New Border Network - Northrop Grumman Corp., Lockheed Martin Corp. and Raytheon Co. are putting together rival teams to compete for the Homeland Security Department's new contract to set up an integrated network of sensors and cameras along the U.S. northern and southern borders. The Secure Border Initiative, announced by Homeland Security Secretary Michael Chertoff in November, is expected to be one of the department's largest contracts, with an estimated value of $2 billion, according to market research firm Input Inc. of Reston. The money would go toward technologies, such as advanced video cameras and heat sensors, that could be mounted on poles and fences or in movable unmanned vehicles. If an intrusion is detected, an alert would sound for Border Patrol units.

Florida AG Crist Charges Second Data Broker Over Sale of Phone Records - Attorney General Charlie Crist today charged Global Information Group, Inc., a Florida corporation, with unlawfully obtaining and selling confidential telephone records without the knowledge of the consumers whose records were being sold. This is the Attorney General's second legal action within a month targeting this form of unlawful conduct. Crist's case, filed today in Hillsborough County Circuit Court against the company and its principals, alleges that Global obtained information by impersonating either customers or telephone company employees in order to obtain consumers' personal calling information. Global, located in Temple Terrace, is accused of providing its customers with confidential telephone calling records of unsuspecting consumers. Laurie Misner, 43, and Edward Herzog, 48, are named as the principals of Global…The Attorney General's investigation has revealed that Global placed thousands of calls from its Temple Terrace headquarters seeking unauthorized customer information from several telephone companies serving customers throughout the United States, including some in Florida. The information was then sold Global customers who allegedly used the information for their own purposes.

Identity theft may be motive in killings - Identity theft emerged Thursday as the central motive in the murders of a New Baltimore couple, brutally slain in their home last week.

HIPPA: All bark - No bite - When privacy provisions to the 1996 Health Information Portability and Accountability Act, or HIPAA, were enacted three years ago, penalties up to $250,000 in fines and 10 years in prison created a scare that bordered on hysteria among medical care providers afraid of being prosecuted. Today, almost three years later, federal officials say they know of only one person who has ever been criminally prosecuted for violating HIPAA and there has not been a single civil fine levied against anyone.

Privacy Gets Partisan - Privacy has become a partisan issue. In the past, bills written to protect consumers' private information typically got the backing from both Republicans and Democrats. Last May, for example, the House passed an antispyware bill 395-1. But now Republicans and Democrats are drawing clear lines on what they support.

‘Phishing’ season for tax scammers - Marketing pitches masquerading as the 1099 forms detailing non-payroll income have been arriving in taxpayer mailboxes, while e-mails that appear to be from the Internal Revenue Service are really identity theft scams designed to collect personal financial information.

EPIC: Lawyers Drive Phone Data Black Market - Forget stalkers and ex-spouses as the primary consumers of online black market phone data. The Electronic Privacy Information Center (EPIC) says lawyers are the primary buyers driving the market, raising significant ethical issues for the legal profession…In testimony before a Senate panel earlier this month, Robert Douglas, an identity theft expert and CEO of PrivacyToday.com, told lawmakers the "overwhelming majority" of phone records are purchased by attorneys, private investigators (who are often working for attorneys), skip tracers, debt collectors and the news media. "Each of these categories of users and purchasers have at one time or another made impassioned pleas to me that they need access to phone records -- outside of normal judicial review processes -- to conduct what they argue are socially beneficial services," Douglas testified. Attorneys use the records as a means of discovery in numerous types of litigation, from divorce to criminal defense to business intelligence. Private investigators, skip tracers and debt collectors find the information useful in locating witnesses and developing leads. The news media -- especially the tabloids, according to Douglas -- buy confidential phone records to track celebrity lives and to develop their own leads in national stories. "These buyers and their thirst for the information contained in detailed phone billing records resulted in the market and the cash flow that fed and encouraged the online sale of phone records," Douglas said. He further testified that methods for "stealing" phone records have been known and in use for decades. "With the advent of the Internet and the World Wide Web, it was only a matter of time before some illicit information broker or private investigator decided to advertise the availability of phone records on the Web," he said. From there, Douglas said, greed, not law or ethics, became the name of the game. "Once the first ads appeared and other brokers and investigators learned how much money could be made selling phone records via the Internet -- in some instances more than a million dollars per year for small operations -- the feeding frenzy was on," he said.

Bill Would Bar Online Sale of Cell Phone Records – [CA} Businesses would be barred from selling records from cell phones or other handheld devices on the Internet under a bill introduced today by Assemblywoman Fran Pavley…A number of states as well as Congress are looking at legislation that would specifically ban consumer records from being sold on the Internet.

Court shuts down another cell phone records Web site - Cole County Circuit Judge Thomas Brown on Thursday issued a court order barring Completeskiptrace.com and its owner Rob Schroader from doing business in Missouri or with Missourians. Attorney General Jay Nixon filed suit Tuesday against Schroader, Complete Skiptrace and Get A Grip Consulting Inc., all from Cedar Hills, Utah, for allegedly invading the privacy of some Missouri residents by selling their phone records to others on the Internet.

Utahns sued over phone-record sales - The Web site on which the records were allegedly sold also was shut down by court order. Cole County Circuit Judge Thomas Brown on Thursday issued a court order barring Completeskiptrace.com and its owner Rob Schroader from doing business in Missouri or with Missourians…Schroader said Thursday night that he is a shareholder with Get A Grip. Once the Missouri Attorney General's Office contacted the company, they dropped the phone records-sales service…Visitors to the Web site can get cell phone numbers of people across the United States, Schroader said, but not of any Missouri residents. The reason the company didn't drop the entire search service: "We don't know they're doing it illegally. We just know that Missouri doesn't want us selling (the information)."

Abbott supports bill to prevent sale of private phone records - Texas Attorney General Greg Abbott is backing legislation filed by U.S. Rep. Lamar Smith that, if passed, would stiffen the penalties on companies who fraudulently solicit or sell confidential cell phone records. "The sale of personal cell phone information is an outrageous invasion of personal privacy that will not be tolerated in Texas," Abbott says.

Records detail Belle's threats - A former all-star baseball player arrested Thursday and charged with stalking had threatened to kill his exgirlfriend if she told anyone about an electronic tracking device he had placed on her car, records show.

Park At DIA? Your Credit Card Info Was Stolen - There's bad news for anyone's who's parked at Denver International Airport and used a credit card to pay in the last seven years. Your credit card information has been stolen.

FTC settles with CardSystems over data breach - A credit card-processing company agreed to settle allegations that it failed to protect consumer data, resulting in millions of dollars in fraudulent purchases, the U.S. Federal Trade Commission said Thursday.

Member of fake ID ring gets 11 years - A 34-year-old man from Mexico was sentenced this week to more than 11 years in prison for his role in a ring that produced fake Social Security cards, driver's licenses and resident alien cards and distributed them in Colorado, California and Illinois…Prosecutors said Miranda-Espinosa was a longtime member of a counterfeit documents ring known as the Castorena Family Organization, making and distributing fake IDs from at least 1999 through February 2005…A plea agreement said Miranda- Espinosa conspired with others, including federal fugitive Pedro Castorena-Ibarra, an alleged ringleader in the Castorena Family Organization, to wire proceeds of the counterfeit ID business to Los Angeles and Mexico.

Privacy Calling - Technology is outrunning the law on a growing number of issues. Add phone records and privacy to the list. It's now possible to go online and, for about $100, order a copy of someone's cell or landline phone records, including call lists…Up to now, common law or statute has not protected the privacy of such records, but it should. A package of bills to do so in Michigan will be introduced soon by state Rep. Michael Sak, D-Grand Rapids…The bills would make buying and selling phone records a five-year felony with fines of up to $10,000. They would increase penalities to up to 10 years and $100,000 for trafficking in the phone records of police officers and firefighters…Michigan legislators can best protect phone records -- and the privacy of their constituents -- by making it a crime in this state to buy and sell them.

Auditor loses McAfee employee data - An external auditor lost a CD with information on thousands of current and former McAfee employees, putting them at risk of identity fraud.

Alarming Phishing Trends - The number of phishing Web sites skyrocketed in December, as did the number of sites designed to spread password-stealing badware, according to the most recent report from the Anti-Phishing Working Group.

Killer Had Cell Phone Records In Hand / Hired One PI and Tried To Hire Another - Luis Alberto Gomez-Rodriguez visited the Muscatine County Courthouse on Feb. 23, 2005, and asked for the location of Maria Antonia Rivero and Juan Sarol-Cepero’s rented home on the 1800 block of New Hampshire Street – approximately four hours before their murders, according to testimony from two Muscatine County employees at Gomez-Rodriguez’s double-murder trial Friday morning. Two Iowa private investigators also testified that approximately a month before the murders, Gomez-Rodriguez had contacted both of them, asking if they could help him locate the native Cuban couple in southeast Iowa…Rodney Hulen and Thomas Breese, local private investigators, testified that Gomez-Rodriguez had contacted both of them, asking if they could locate Rivero and Sarol-Cepero and offering to pay for their services. Hulen said that on Jan. 14, 2005, Gomez-Rodriguez visited his Ottumwa office. He had no prior appointment, the investigator told Snyder…To help Hulen’s search, Gomez-Rodriguez provided him with documents that included driver licenses, motor vehicle information, a cell phone number and two addresses in Ottumwa…Breese, whose office is located in Iowa City, said he met with Gomez-Rodriguez on Feb. 21, 2005, two days before the murders…Gomez-Rodriguez brought a lot of documents to the office, Breese told jurors. “There were motor vehicle and driving records, some cell phone records,” he recalled. The phone records were from Sarol-Cepero’s cell phone. Breese said that, as a private investigator, obtaining phone records was illegal.

see previous posts

Home    Contact Us    News    PT in the News    Services    Speeches    Identity Theft