Les Jones: New Security Disclosure Rules for Financial Institutions

March 29, 2005

E-commerce > New Security Disclosure Rules for Financial Institutions

Four agencies - FDIC (Federal Deposit Insurance Corporation), the Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency (OCC), and the Office of Thrift Supervision (OTS) - have new rules requiring banks to disclose security breaches to customers when their personal information has been compromised. The new rules are a response to security breaches at ChoicePoint and other companies.

Posted by lesjones

Comments

It's perfectly legal for ChoicePoint to collect publicly available financial and personal data. But when they take active steps to consolidate the information, sell it and make it available in an unsecure manner; then they are endangering the finances of their so-called customers. (I don't think anybody has asked ChoicePoint, Hey please collect and sell my personal information.)

This endangerment is not inherent in the information when it exists publicly in discrete forms. It is ChoicePoint's active participation in consolidating, manipulating and selling the data which introduces heightened vulnerability. When that data is comprimised, I think it puts ChoicePoint in a very actionable position.

Also, I don't remember a phrase in the constitution saying that people should be secure in their persons and papers "only from the government". I think it's time ChoicePoint and the other data collectors were called to account for their actions. They are disenfranchising and endangering consumers who neither asked nor deserved this interference in their private affairs.

Posted by: Chris Range at March 30, 2005