One of the most taken-for-granted pieces of government documentation has got to be the poor, misunderstood Social Security card. While it has always been designed to be physically counterfeit-proof, the card itself offers no proof that the bearer is actually who he says he is.

It’s the information contained on the face of the card itself that is so valuable. But if it doesn’t tell anyone who you really are, what’s it good for?

According to Carolyn Puckett of the Office of Research, Evaluation, and Statistics, Office of Retirement and Disability Policy, Social Security Administration, “The original purpose of the SSN was to enable the Social Security Board to maintain accurate records of the earnings of individuals who worked in jobs covered under the Social Security program. The card was never intended to serve as a personal identification document… However, the simplicity and efficiency of using a unique number that most people already possess has encouraged widespread use of the SSN by both government agencies and private enterprises.”

Unfortunately, the widespread use of the SSN as an identifier has contributed to the growing crime of identity theft. Criminals need only access a few pieces of sensitive information in order to open new accounts, establish lines of credit, file fraudulent tax returns, and more.

But a new bill, the Identity Theft and Tax Fraud Prevention Act of 2015, introduced this past March by Sen. Bill Nelson, D-FL, includes some dramatic steps that are designed to minimize the threat to consumers. One of the very first items that can help protect individuals from losing their information in data breaches (either intentional or accidental) is to limit the uses of the Social Security number, specifically in the healthcare system.

“Use of the SSN as a convenient means of identifying people in large systems of records has increased over the years and its expanded use appears to be an enduring trend… Generally, there are no restrictions in federal law precluding the use of the SSN by the private sector, so businesses may ask individuals for an SSN whenever they wish (Streckewald 2006),” explained Puckett in a document for the Social Security Administration.

While it’s not illegal for an agency or a place of business to request your Social Security number, it’s also not required that you provide it. You don’t have any legal recourse, though, if a business like a doctor’s office refuses to treat you if you don’t provide it. What is more unfortunate about the use of SSNs as an identifier is the fact that many places will request it as standard procedure without even really knowing why they’re asking for it. It’s as if we’re so accustomed to handing it over on a form or during a registration process that we do it without even thinking about it.

The bill, which has garnered a lot of support from lawmakers, would eventually halt the practice of using your Social Security number in healthcare settings. This would be good news for consumers in that a number of hacking events and internal data breaches have occurred through healthcare and insurance offices, like the recent Anthem Healthcare breach. The bill would also increase the penalties for certain identity theft practices, like tax refund fraud or distributing stolen personal data. Finally, the bill does a lot to upgrade the current IRS practices of reporting and correcting tax refund fraud.

One of the more frustrating aspects to consumer protection from identity theft, data breaches, and cybercrime is the current state-by-state basis that our legal system uses to address this type of crime.

Consumers and businesses alike are subject to different laws, depending on where they’re located. But a new bill that has already come up for committee vote in Congress is working to establish a federal mandate for cybercrime, specifically in how businesses must respond to a hacking event or data breach.

The House bill—the Data Security and Breach Notification Act—which was put through by the Energy and Commerce Committee on April 15th, is already coming under fire and receiving some dissenting viewpoints from members of Congress. Even the chairman of the committee, Fred Upton (R-MI), openly stated that the bill isn’t ready yet. But there are some preliminary ways that the legislation seeks to protect consumers.

One thing it’s working to do is to mandate how and when a business must inform consumers that their information was accessed. The bill states that businesses only have to tell customers about a hacking event if it results in financial harm, but as the industry knows from medical data breaches, getting control of someone’s credit card number isn’t the only avenue to financial damage. Right now, some states have a rule in place that a business has to tell its customers about a hacking event regardless of the outcome, while other states have mandated the requirement to inform consumers only after a certain number of customers were affected. Still, some information is better than none, and this bill would require consumers be kept up to date on some data breaches.

Other sources of contention included the cap of $1,000 that businesses could be penalized (per consumer) for failing to inform customers of a breach; the original penalty was $11,000. A major issue for those who voted against this bill—which included all of the Democrats on the committee, including the original bill’s co-sponsor—is the broadening of the requirements for businesses to comply. The bill removed the very specific steps businesses must take in order to prevent the loss of consumers’ private information, and instead requires them to only use “reasonable security measures and practices.”

The stakeholders in a federal bill of this kind are still working to formulate a plan that can address the needs of both consumers and businesses. Even Committee Chairman Upton conceded, “I would confess that it’s not quite ready and probably won’t be quite ready when we get to final passage early this afternoon.” From here, the bill will move on to the House floor for debate, which will likely include strong mention of the National Cybersecurity Protection Advancement Act of 2015, a bipartisan effort to create an information sharing process to prevent cybercrime.

As if telephone, mail, and online scamming of the public weren’t awful enough, specific scammers actually that target the elderly now. These individuals’ inherently trusting nature, the stereotype that many senior citizens are unfamiliar with newer technology, and the very specific fears associated with things like having their utilities shut off or needing a better price on healthcare or medicine make the elderly a particularly ripe target for scammers and fraudsters.

But a new bill at work in the Ohio state legislature may impose greater consequences on scammers who go after senior citizens, as well as fund support centers for people who think they may have been the victim of a scam. One key measure will be to provide a mechanism for bankers, notaries public, and other offices that oversee financial transactions with a way to report suspected fraud or scams that affect their clients. Such covered examples might be a senior citizen who wants a new will or an odd bill of sale notarized, or a bank employee who notices multiple withdrawals from a customer’s account that are suddenly taking place.

Interestingly, the bill bridges the gap between “mandatory reporting” and providing protection from lawsuits if the reports of suspected elder scamming prove unwarranted. Mandatory reporting under this bill would require people in a position of oversight over elderly citizens’ finances to report any strange behaviors that could indicate a scam, but then would also protect those mandatory reporters from civil suits arising from their reports.

This type of protection is important for helping state officials and corporate employees take elder scams seriously, and to know they are supported for doing the right thing. The bill has now passed the Ohio state House and has gone on to the Senate, and its supporters are excited about the first piece of legislation to enact protection specifically of the elderly in more than 25 years. While there have been supports in place for elderly victims to turn to, they’ve often fallen under the state’s attorneys general to oversee, meaning each new successive person in that position is tasked with keeping it up to date on the most current information.

Rather than leave anything to chance, this bill would establish protections and support that stands on its own as a state government office.

The Identity Theft Resource Center and the Federal Trade Commission routinely conduct focused research on the impact of identity theft in order to get a clear picture of the nature and aftermath of this crime. For the fifteenth year in a row, the number one consumer complaint to the FTC is identity theft, and targeted efforts are being made to help develop a broader picture of what identity theft really entails in order to establish the protocols that will lead to better prevention.

Join us on Wednesday, March 18 at 9:00AM (EDT) for a live event to discuss this important issue, along with the release of Identity Theft Resource Center’s research whitepaper – Identity Theft: #1 FTC Consumer Complaint 15 Consecutive Years. The keynote speaker for this event will be Terrell McSweeny, Commissioner of the FTC, who will speak on the data findings that have led to this top consumer concern. A panel of experts will discuss the issues surrounding populations heavily affected by identity theft and what all stakeholders can do to better understand and assist them.

Event Details

Wednesday, March 18

9:00am-10:45am

Google – Washington, D.C.

25 Massachusetts Avenue NW, 9th Floor

Washington, DC 20001

*See map below

The event is free, but space is limited. To RSVP, click the registration button below, or go directly to the invitation information page: Identity Theft:  #1 FTC Consumer Complaint 15 Consecutive Years.

For those who cannot attend the live event in person, live tweeting of the keynote and the panel discussion will take place. Use the hashtag#IDTheftImpact to join the conversation where we will be sharing statistics and facts from the findings on Twitter. Be sure to add the hashtag to your own comments or questions in order to display them publicly with regard to this event.

It is important to realize that all of our constituents, customers, and citizens need tools that are specifically designed to assist their needs. By bringing policy makers, regulatory officials, industry specialists and advocacy groups into this discussion we hope to come away with new ideas and strategies, as well as collaborative opportunities.

 

Keynote

Terrell McSweeny Headshot

Terrell McSweeny

Commissioner of the Federal Trade Commission

@TMcSweenyFTC

 

 

 

Panelists

Eva Velasquez, ITRCModerator: Eva Velasquez

President/CEO

Identity Theft Resource Center

Eva Velasquez is the President/CEO at the Identity Theft Resource Center, a non-profit organization which serves victims of identity theft. Velasquez previously served as the Vice President of Operations for the San Diego Better Business Bureau and spent 21 years at the San Diego District Attorney’s Office.  Eva has a passion for consumer protection and privacy issues and is constantly striving to educate the public about these important topics.  She is recognized as a nationwide expert on identity theft and has been featured in numerous news outlets.

 

John Breyault, National Consumers LeagueJohn Breyault

VP of Public Policy, Telecommunications and Fraud

National Consumers League

John joined the National Consumers League — America’s oldest consumer organization — in September 2008. John’s focus at NCL is advocating for stronger consumer and worker protections before Congress and federal agencies on a range of issues including telecommunications and technology policy, fraud, and consumer financial protections. In addition, John directs NCL’s Fraud.org anti-fraud education and advocacy campaign.

John has served on numerous Boards and advisory committees including the Federal Communications Commission’s Consumer Advisory Committee, the Commodity Futures Trading Commission’s Technology Advisory Committee, and the Board of the Arlington-Alexandria Coalition for the Homeless.

 

Andy Bucholtz, LexisNexisAndy Bucholz

VP of Market Planning

LexisNexis® Risk Solutions

Andy Bucholz is the Vice President of Market Planning for LexisNexis® Risk Solutions, where he is responsible for the strategy and product development of identity-based solutions within the LexisNexis Government division. In this capacity, he helps federal, state, and local governments stop fraud and recover revenue by leveraging the availability of public records data. Mr. Bucholz is a recognized expert and frequent speaker in the field of data aggregation technology as it is used to uncover fraud — an area in which he holds several patents. Prior to joining LexisNexis, he founded G2Tactics, Inc., a startup that built the first portable mobile license plate reader.

 

Lisa Schifferle, FTCLisa Schifferle

Attorney, Division of Consumer and Business Education

Federal Trade Commission

Lisa Weintraub Schifferle is an attorney in the Federal Trade Commission’s Division of Consumer & Business Education. At the FTC, she regularly speaks on identity theft and senior scams, training advocates across the country. Before arriving at the FTC, Ms. Schifferle spent eight years at the Maryland Legal Aid Bureau, as a Staff Attorney and Supervising Attorney. She received her B.A., summa cum laude, from Yale College and her J.D. from the University of Virginia Law School.

 

Shawn Tiller, IRSShawn Tiller

Director, Refund Crimes

Internal Revenue Service Criminal Investigation

Shawn Tiller is the Director, Refund Crimes, IRS Criminal Investigation and reports directly to the Deputy Chief, Criminal Investigation. Mr. Tiller was named to this position in August 2014 and is responsible for guiding the activities of the Refund Crimes headquarters staff and employees in four Scheme Development Centers sites across the United States.

The Office of Refund Crimes is responsible for the detection of refund fraud, questionable refund schemes and return preparer fraud. The staff coordinates those activities with internal and external stakeholders to ensure a fair and balanced administration of the tax refund system.

 

 

About the ITRC

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization which provides victim assistance and consumer education through its toll-free call center, website and highly visible social media efforts.

It is the mission of the ITRC to: provide best-in-class victim assistance at no charge to consumers throughout the United States; educate consumers, corporations, government agencies, and other organizations on best practices for fraud and identity theft detection, reduction and mitigation; and, serve as a relevant national resource on consumer issues related to cybersecurity, data breaches, social media, fraud, scams, and other issues.

 

We’ve come a long way from the days when identity theft first became a widespread problem, back when law enforcement officials didn’t quite know how to address it. It was such a new, unheard of issue even as recently as the 1980s that victims, the financial sector, and the judicial system alike often felt lost. The end result back then was often a lengthy nightmare for the individuals who were trying to clear their names.

Now, the scope of this type of crime is more fully understood, and states around the country have mechanisms in place to track down guilty parties and prosecute. But as thieves and scammers become craftier, the legislation often has to play catch up in order to stay on top of it. That’s why states around the country adopted new legislation in 2014 to address the problem.

One of the most notable changes was in the way children’s identities are being viewed. Several states passed legislation that works to prevent the fraudulent use of children’s personally identifiable information, a crime which is often committed by a parent or relative. It became easier in many states to put a freeze on a child’s credit report, meaning the child’s identity could not be used to initiate a new line of credit or an account of some kind.

Other legislation in a few states worked to combat the flip side of this problem, which is identity theft or scamming of an elderly person in the criminal’s care; again, it’s sad to say, but the elderly are often targeted by identity thieves, and too often it’s someone the victim knows. Florida, who has a large retiree and senior adult population, took it a step further and clarified what is admissible in court as a sworn statement by an elderly individual, as well as tightened up the laws regarding theft of property. It is no longer only physical property theft that’s considered exploitation of a senior citizen, for example, since there are other ways to defraud an individual.

Regarding both child and elderly identity theft cases, some states increased the penalty for these types of crimes, required government entities to report suspicious activity involving these citizens’ data, and initiated some forms of mandatory checking on Social Security numbers. Several states also allowed for the freezing of a minor’s or incapacitated adult’s credit if there is cause to believe someone may be after that individual’s identity.

Another running theme throughout these new laws is consumer protection, namely that some states now have strict requirements for reporting suspected data breaches and informing consumers who may have been affected. Until recently, many states had no mandatory requirement for this timeframe; of the record number of data breaches in 2014—the highest year so far for data breaches, in fact—many involved companies that waited months to inform their customers that their information had been stolen.

One of the stronger pieces of legislation involves the mere possession of stolen personal data. Identity theft can be hard to track down and trace, especially in cases where the original thief sold the information online. That’s a booming business in the world of black market e-commerce, so the person who accessed your information may not be the person who actually used it. There were numerous arrests in 2014 in which the suspect had personal information, stacks of prepaid debit cards, and other identity theft tools of the trade, but until now there was a shortage of strong legislation that made that illegal. Now, some states have passed laws stating that even possessing someone’s personally identifiable information without cause is a crime.

It can be overwhelming to try to stop identity theft and its related crimes when the laws vary in so many states, and efforts like those from 2014 have created a more uniform environment for preventing and prosecuting this crime. Be sure to read up on the laws in your state and know what protections are in place to keep your identity safe.

A Florida case involving a drug dealer may have changed the face of individual privacy in this country. The police in the case used a few different methods to locate and apprehend the suspect without obtaining a warrant, methods that the Florida Supreme Court has now declared illegal.

In the 2007 case of Shawn Alvin Tracey, the police had a warrant to track the activity on his phone as it pertained to incoming and outgoing phone calls in order to tie in more individuals to Tracey’s drug activity. What they didn’t have permission to do was track Tracey himself via the phone’s connection to various cell phone towers.

They relied on the practice of tracking an individual via his cell phone. The phone, which pings different cell phone towers as it connects even if it’s not in use, then provides a fairly accurate location marker, one that is precise enough to locate someone in a specific apartment in a building the suspect was in. The police accessed this additional information from the telecom company without obtaining a warrant from a judge, which the court has now ruled was a violation of the suspect’s Fourth Amendment right preventing unreasonable search and seizure.

What has come to light due to this case—the first of its kind in the US—is just how widespread the use of a law enforcement device known as a “stingray” has become, with police offices around the country allegedly using the device to skirt telcom restrictions and judges’ orders. This device can operate without requiring permission from the company that owns the cell phone tower and without the service provider even knowing about it; unfortunately, it has also come to light that police have lied to judges and defense attorneys in the past about where the tracking information came from, stating that it was simply provided by a “confidential source” rather than a piece of technology.

There is no argument that the police have an incredibly difficult job to do, and that criminals are constantly coming up with newer, more creative ways to stay one step ahead. But that doesn’t mean that citizens forfeit their rights to privacy and must incriminate themselves. According to the Florida court’s ruling, the use of the technology is still within the police’s power, they just have to obtain a warrant before gathering and using any data provided by a cell phone tower. They must be able to justify to a judge why they are tracking an individual, and will no longer be able to pick someone up in order to do their investigating.

It’s easy to think this isn’t a problem that everyday citizens have to worry about. After all, if you don’t want the police tracking you, then don’t break the law. But that’s not exactly the extent of the privacy issue in this case; after all, if the police can track you, what stops a criminal from tracking you through the same kind of technology? This issue, however, is about our individual rights, and the forfeiture of those rights is a matter that all citizens must take seriously. As our use of technology expands and the understanding of how that technology can and cannot be used expands along with it, we have more need than ever to protect our rights.

In a matter that has frustrated both individuals and open internet advocates, Google is slowly making its way through the mountain of requests that have flooded their offices since the EU ruled earlier this year on the Right to Be Forgotten. The ruling gives citizens the right to request certain webpages be removed from linking to them through search engines if the information is false or outdated. Under some countries’ laws, the request process actually allows for guilty individuals to have mentions of their crimes removed if enough time has passed and the sentence has been fulfilled.

Right to be ForgottenSince the spring ruling, Google has already removed more than 170,000 links to pages that contain content that users found associated with them, which was almost 42% of the requests submitted. Of those requests, the majority of pages removed came from Facebook, while other social media sites including Profile Engine and YouTube followed closely behind.

Interestingly, Google has been put in the precarious position of playing judge and jury in this situation, as users submit requests for page removal and then Google is tasked with deciding if the page link should come down. Requests are either approved or denied based on employees’ perceptions of the content as it pertains to the individual’s request.

As for being a time consuming process, that doesn’t even scratch the surface. Across the EU, close to 150,000 people have submitted requests to have a total of almost 500,000 webpage links removed. Those pages have to be carefully scrutinized and then judged as to whether or not they should come down. In an interesting twist, the page doesn’t disappear entirely, but is instead replaced with a message that the content was removed under the Right to Be Forgotten law, which really only tells future viewers that something on that page was at one point incriminating. Moreover, the content doesn’t necessarily come down either, but instead no longer links back to the individual’s name for search purposes.

According to an article for CNBC, one individual in Italy submitted requests for around twenty links that gave details about his arrest, and his requests were denied; a different individual from Germany submitted requests for around fifty links that gave details of an embarrassing public incident, and those requests were approved. An article from The Guardian also described how a doctor has requested links to news of malpractice accusations be removed; some of the requests which were approved and some were left standing.

Opponents of this measure have cited censorship concerns, while supporters have pointed out that the “nothing is ever deleted from the internet” nature of online information creates a world where no one can ever move on from their mistakes. In truth, a generation ago, a convicted individual who served out his sentence could at least expect to be able to move on with a fresh start, but that’s not quite as feasible in today’s climate of online data storage. Either way, with an average of 1,000 requests per day coming in from across Europe, the process won’t get faster any time soon.

California Governor Edmund Brown, Jr., signed proposed ID theft legislation into law on September 30th, marking a significant step in protecting citizens from data breaches and the resulting fraud. The bill, AB 1710, will take effect on the first day of the new year, and will go a long way towards helping consumers recover from large-scale data breaches.

Unfortunately, the original content of the bill wasn’t accepted in its entirety, but supporters say that the approved measures are a good first step. One of the provisions that did not make it to the governor’s desk include making breached businesses pay for the cost of issuing new credit cards to affected consumers, a cost that currently falls to the credit card companies. Another measure that was struck from the final piece of legislation would have required companies to delete much of the stored information that gets breached in these events, such as payment details, Social Security numbers, driver’s license numbers, and birthdates. Also, companies that gather and store that information were going to be required to notify affected consumers of a breach within fifteen days, as opposed to the ambiguous “timely manner” that current legislation requires; that measure also did not pass.

As an expert close to the bill explained, there are always a number of factors in any piece of legislation that get reduced before the final approval. A surprising number of organizations opposed the original, stronger content of the bill, including the state’s Chamber of Commerce and The Internet Association. Much of the reason for the opposition to the stronger terms stemmed from the fact that there are so many different industries involved in using consumers’ information that making broad, one-size-fits-all mandates for all of them would have been impossible.

There is some good news for California citizens, though, as some of the protections in the bill will make an impact on the outcomes of future data breaches. One of the first measures was a mandatory credit monitoring coverage for all consumers affected by a data breach in which information like Social Security numbers was accessed; this offer is usually extended by large corporations in the event of a breach as a show of good faith effort, but the new law will make it required for all companies. Also, the healthcare industry—a common source of identity theft and personally identifiable information loss—will be required to follow not just the existing HIPAA privacy regulations for data breaches, but also this new law.

While the new law may not have the same protective strength that the original creators and advocates had hoped, it is a good experimental move in helping ensure more protection for individuals who are devastated by identity theft. Hopefully, as the effects of the law are seen and understood, stronger safeguards can occur in the near future.

With the growing rates of ID theft and tax refund fraud, thieves have taken their crimes to even the state income tax level in order to make fast money. One state has implemented a computer system to help prevent tax refund fraud, but the end result has been a slower payout of as many as one hundred thousand refunds, a delay which is costing the state hefty penalties in interest.

New algorithms put in place on the state of Alabama’s revenue department computers are meant to catch inconsistencies that could red flag a refund, and the end result has been a slowing down of some of the state’s households’ refunds. While 1.85 million returns had been filed in 2014, only 1,063,768 had been issued by August.

So what happens to those citizens who are still waiting for a refund? The state of Alabama will allot a 3% interest on any unpaid refunds. According to Julie Magee, Alabama’s state revenue commissioner, the interest that the state will have to issue is a small price to pay for better security measures that prevent the loss of millions of dollars in fraudulent refunds.

Earlier this year, Alabama began the prosecution of a nine-woman tax fraud and identity theft ring in its state, one that specifically targeted soldiers and children by accessing their personal data through computer systems that stored the information. The criminals took in over $20 million dollars in fraudulent refunds, mostly of soldiers who were deployed to Iraq and Afghanistan, before they were caught. This type of crime has weighed heavily on the state’s revenue commission, who felt better security measures were needed.

While these measures are happening at the state revenue office level, the IRS is already scrutinizing its systems to prevent federal tax refund fraud. The problem has become so widespread that the IRS has paid out as much as $4 billion in a single year in fraudulent tax refunds to identity thieves.

Contributing to the delay this year was the fact that the federal government began processing federal tax returns about three weeks later than usual, but the state’s computer system enhanced that delay for an estimated 100,000 refunds. According to state law, interest must be paid on those refunds, but that’s an expense that the revenue commissioner feels is worth it to prevent refund fraud. Plans are already in place to restructure the algorithms so that next year’s refunds experience less delay.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/anyone-3.

It’s one of the more difficult conundrums surrounding internet use: the more awareness and education about internet safety that works its way into the public consciousness, the faster the bad guys have to work to keep up. As organizations like the ITRC work to keep the public informed about some of the more dangerous behaviors and best practices associated with having an online presence, the more creative hackers and identity thieves have become in order to continue their crime sprees.

But new legislation proposed by US Senator Kirsten Gillibrand (D-NY) has been put forward as a possible solution to much of the worry about identity theft and financial fraud, especially as it pertains to the financial and retail industries. The bill, called the Cyber Information Sharing Tax Credit Act, would offer tax credits to businesses that participate in information sharing specifically as it relates to cyber threats and technology vulnerability.

The tax credit is meant to be an incentive to share information between companies, and will work to offset the costs associated with voluntarily participating in this type of group. It would essentially allow businesses to examine one another’s vulnerable practices and learn from previous incidents that have struck other companies and corporations.

According to a statement on the legislation on Senator Gillibrand’s website, the purpose of the legislation is clear. “Businesses should take the same precautions to defend their data as they do with their buildings and inventory. Just as they purchase insurance and security systems, they should enter into agreements with information sharing organizations to help defend against cyber-threats. From financial institutions and health care systems, to our electric grids and grocery stores, we are losing billions of dollars and putting our critical infrastructure at risk because of inaction. We must do more to strengthen our defenses online, and information sharing among businesses is a critical step that must be taken.”

How many incidents are we really talking about? Since the horrific incident on September 11, 2001, there have been more than 4,000 different large-scale security breaches on US businesses resulting in more than 500 million personal information records being accessed by criminals. Senator Gillibrand’s bill comes on the heels of the tenth anniversary of the 9/11 Commission’s report which showed that America is currently sitting at what they called “September 10th” levels for cyber security, meaning we’re all just one day—metaphorically speaking—from the next unthinkable attack. This time, however, experts believe the threat may be digital in nature and will have much farther reaching consequences.

Without waiting for a national response, a number of states have already explored their own versions of incentive programs for businesses within their states that are willing to share security information. Maryland is one such state, which earlier this year enacted its own tax credit up to $450,000 annually for participating companies that invest in recognized cyber security protocols to protect their consumers. Reports also indicate that other organizations are currently at work on better information sharing systems, especially between government defense contractors.

However legislation ends up affecting this kind of change, there is still a definite need for awareness and understanding of how to best protect yourself at the consumer level. While corporations will hopefully develop better standards and cooperation for preventing cyber attacks, it still remains the job of the individual to safeguard his personally identifiable information and keep his personal data safe through smart online behaviors and careful monitoring of his credit information.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/anyone-3.