Home Page Featured 2

The Federal Trade Commission (FTC) announced July 24, 2019, that they have reached a settlement with Facebook, Inc. The social media giant received the largest fine in history for violating consumer privacy and were ordered to pay $5 billion – roughly 20 times the last largest fine of this kind. This comes less two years after Cambridge Analytica was found using millions of Facebook users’ data that brought the companies privacy practices into the limelight.

As part of the Facebook settlement, the FTC has ordered the company to make changes to their current standards of privacy. The changes will start at the board level – and will trickle down through their executive ranks – including increases in transparency and holding individuals within the organization accountable.

What Does This Mean for Social Media Users?

Just within the United States and Canada, 185 million people use Facebook on a daily basis. This enormous number represents just how integrated the company is in the daily lives of citizens and does not even account for the other Facebook, Inc. entities, like Instagram and WhatsApp.

Social media users should expect to see more updates and changes to privacy policies on Facebook, Inc. applications. Similarly to the last time Facebook updated their privacy policy, other social media companies – like Twitter and Snapchat – are likely to proactively update their standards as well. This means users will probably be receiving emails and in-app notifications of updated privacy policies. It also means they might have more control over the information they choose to make available to Facebook and third-party partners. Identity Theft Resource Center always encourages users to read privacy policies in order to know exactly what companies can do with your data. We also highly recommend reviewing your current privacy settings on all online accounts to make sure you are comfortable with the information shared.

When these changes are expected to roll out is unknown, as Facebook’s settlement with the FTC is a 20-year plan. Likely, initial changes will likely start to happen within the coming weeks and continue to be updated on a regular basis. Users may not see immediate changes to their how they are able to interact with the platform or its sister properties, Instagram and WhatsApp.

What Does This Mean for Facebook?

On Facebook’s website, the company says this decision has come after months of negotiations with the FTC. The statement also says the settlement will require a “fundamental shift” in Facebook’s approach at every level of the company in terms of privacy and that they hope to be a “model for the industry.”

Requirements of the Facebook settlement include establishing an independent privacy committee, removing CEO Mark Zuckerberg from complete control over decisions that affect user privacy. Compliance officers will be appointed throughout the company that will report to the FTC quarterly regarding the new privacy standards being upheld. Also, third-party assessors will be evaluating Facebook and identifying any issues.

Additionally, Facebook will be required to document cases when data of 500 users or more is compromised and notify the FTC within 30 days of the discovery.

On top of the $5 billion fine from the FTC, Facebook will pay an additional $100 million to the Securities and Exchange Commission (SEC). This fine came after it was discovered Facebook made misleading claims about the misuse of user data. The SEC’s statement said Facebook acted as though the situation were merely hypothetical when they knew the data had in fact been misused. The $100 million fine is the highest penalty to be paid because of this type of lack of disclosure according to the SEC.

If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Facebook Rolls Out Privacy Updates – Here’s How To Check Your Settings

New Tool Helps Consumers Make Sense of Data Breaches

What Does the Equifax Settlement Mean for its Data Breach Victims?

 

In fact, of the 1,255 total data breaches recorded by the Identity Theft Resource Center in 2018, 150 of were because of the mismanagement of information by employees tasked with protecting it. That means 12% of the data breaches were the direct result of mistakes in handling sensitive information, leading to 1,131,288 records exposed and potentially costly consequences for the companies involved.

April is Records and Information Management Month, and while it might not conjure up holiday-themed festive images the same way Christmas does, it is a great reminder that your information and your identity are only as safe as the people who have their hands on it.

What does it mean to mishandle information? There are numerous ways that information can accidentally fall into the wrong hands. It may be losing a flash drive or laptop with customer records on it, the theft of company hardware like laptops or even servers, reusing a weak password that lets hackers easily break into a system or failing to password protect a database of records in the first place. In other cases, the exposure resulted from improper disposal of sensitive information, such as throwing paper records in an unsecured garbage dumpster instead of shredding. In many cases, employees may fall for phishing attempts or respond to requests that appear to come from someone within the company but are actually sent by malicious imposters.

In order to protect all of the sensitive information that businesses gather and store, it is important to understand how to secure it and what can happen if it is compromised. It often starts with a solid company-wide computer use policy that outlines exactly how things like password security, email responses and data access are supposed to be enforced. Helping every employee understand the ramifications of mishandling information is important, too. Finally, a good “delete” housekeeping from time to time to permanently destroy any outdated stored records can thwart a lot of security problems before they arise.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC

Read next: TurboTax Breach Cause By Credential Stuffing

Sparking joy has taken on a whole new meaning thanks to the KonMari method of tidying up. Cleaning up your physical and digital life are some ways to minimize your risk of identity theft.

Marie Kondo is taking the world by storm with the premise of decluttering your life, tidying up your home and work spaces, and basically living by a simple principle: if it doesn’t “spark joy,” you don’t need it. The mindset behind the so-called KonMari method has proven so effective that second-hand stores and thrift shops are seeing record-setting levels of donations.

This decluttering concept can be applied to physical possessions, but you should also consider its ability to benefit other areas of life. You might clean up your email inbox or desktop for example. There’s another level of protection that consumers can take from this “spark joy” concept, and that’s keeping their identities out of a criminal’s hands.

Before You Begin

There are a number of steps that can help you organize your identity before you ever have to deal with cluttering consequences. These would include things like halting subscriptions to magazines and newspapers you don’t read, blocking credit card offers with your financial institutions, going “paperless” on bills and bank statements, and more. By ensuring these things don’t arrive at your home, you’ll have less clutter to deal with and fewer security pitfalls that a thief could exploit.

Another possible vulnerability is your email inbox. Adopt the good habit of not just deleting unwanted emails, but actively unsubscribing from them. This will require you to open them, scroll all the way down, and click unsubscribe. Do NOT follow this procedure for emails that appear to be scam attempts, as clicking a link can redirect you to a harmful website or install malicious software on your computer. Are you holding on to an old email address?

Physical Mail

As for identity tidying in your home or workplace, that can seem very daunting. Don’t worry, it’s not. Following commonly shared methods from organizational experts like Marie Kondo and others, you can start by creating “piles.” Establish a temporary spot for everything that could be linked back to your identity: a pile for bills, a pile for junk mail, a pile for important papers, and more.

The bills: your monthly bills must be accessible but protected, so find out where you are most likely to see them but keep others from coming across them. As you pay a bill, shred the remaining mailer portion so that you don’t end up with random piles of paper that will need to be addressed later.

Junk mail: it’s too easy to toss some junk mail on the counter and think you’ll deal with it later. It’s even easier to throw it in the trash unopened, but that could lead a dumpster-diving identity thief to pieces of your overall data puzzle. Keep a basket near your cross-cut shredder to stash these items until you’re ready to shred.

Important papers: a lot of people would agree that tax documents, health insurance statements, and other key papers don’t exactly “spark joy” and therefore should be done away with immediately. However, that’s not wise. What is useful, though, is investing in a small file cabinet or file box where important papers can be stored when not needed. It’s important that this file be accessible in an emergency but not left out in the open where anyone could rifle through it.

Digital Clutter

It’s easy to forget that your identity is vulnerable online, too, but the same principles behind decluttering can help you in the virtual space. Investing in an external hard drive or cloud-based storage subscription can protect the things you want to keep while getting them out of your physical space. Even better, if there’s a paper you might need at a later date, you can simply photograph it or scan it, then store it in these outside spaces. That way, you can discard the original but retain a protected printable copy if you need it.

Mobile Apps & Privacy Settings: First, take a look at all of the apps on your device – are there any you’re not using anymore? Delete those.

Second, visit your mobile device settings to see what information your applications are collecting from you and update them for increased privacy. For example, you might need to let a map app see your location for example, but does it need to be active all the time or just when in use? Same thing for photos, do all of your apps need access to your media library? Definitely not. It’s also a good time to run any updates for your phone software or apps. Read the descriptions carefully and note any cybersecurity language before choosing to update.

You should also be concerned about the permissions you allow (see trustjacking) the mobile apps on your device. Through these apps, third-parties might be tracking information about you that you might not realize like your location, search history and even your photos. Even if they aren’t actively using this collected data, they’re still storing it which can leave your personal information vulnerable to cyberattacks should the third-party fall victim to a breach.

Also, think twice before discarding that old device. Be sure to reset to your factory settings.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: What’s the Latest Threat From Your Internet Connected Toys?

SAN DIEGO – Jan 28, 2019 – The Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, and CyberScout®, a full-spectrum identity, privacy and data security services firm, released the 2018 End-of-Year Data Breach Report.

According to the report, the number of U.S. data breaches tracked in 2018 decreased from last year’s all-time high of 1,632 breaches by 23 percent (or 1,244 breaches), but the reported number of consumer records exposed containing sensitive personally identifiable information jumped 126 percent from the 197,612,748 records exposed in 2017 to 446,515,334 records this past year.

“The increased exposure of sensitive consumer data is serious,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “Never has there been more information out there putting consumers in harm’s way. ITRC continues to help victims and consumers by providing guidance on the best ways to navigate the dangers of identity theft to which these exposures give rise.”

Another critical finding was the number of non-sensitive records compromised, not included in the above totals, an additional 1.68 billion exposed records. While email-related credentials are not considered sensitive personally identifiable information, a majority of consumers use the same username/email and password combinations across multiple platforms creating serious vulnerability.

“When it comes to cyber hygiene, email continues to be the Achilles Heel for the average consumer,” said CyberScout founder and chair, Adam Levin. “There are many strategies consumers can use to minimize their exposure, but the takeaway from this year’s report is clear: Breaches are the third certainty in life, and constant vigilance is the only solution.”
To download the 2018 End-of-Year Data Breach Report, visit: idtheftcenter.org/2018-end-of-year-data-breach-report/

###

About the Identity Theft Resource Center:

Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud, and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its call center, website, social media channels, live chat feature and ID Theft Help. For more information, visit: http://www.idtheftcenter.org

About CyberScout:
Since 2003, CyberScout® has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, employee benefits, education, resolution, identity management and consulting as well as breach preparedness and response programs.

CyberScout products and services are offered globally by 660 client partners to more than 17.5 million households worldwide, and CyberScout is the designated identity theft services provider for more than 750,000 businesses through cyber insurance policies. CyberScout combines extensive experience with high-touch service to help individuals, government, nonprofit and commercial clients minimize risk and maximize recovery.

###

Identity Theft Resource Center
Charity Lacey
VP of Communications
O: 858-634-6390
C: 619-368-4373
clacey@idtheftcenter.org

CyberScout
Lelani Clark
VP of Communications
O: 646-649-5766
C: 347-204-9297
lelani@adamlevin.com