Tuesday, April 08, 2008

Identity Theft War Over, The Consumer Lost.

If you take a step back and look at all the issues related to Identity Theft one thing is perfectly clear.

The really bad guys have already won.

No matter what measures individuals may take to protect their personal data, all that data is likely to become very public, very soon.

Huge databases of public information are being easily stolen from government workers and private companies. All the crook does is steal a laptop computer from the front seat of a car. Thefts of laptop computers containing important personal data happen every day.

New York City 036590

Stolen personal data is bought and sold every day on the Internet. People in the U.S. and countries all over the world maintain a free market on stolen personal data.

Computer experts working for criminal organizations can easily break into computers running Microsoft Windows. But they do not need to try very hard, most people use very easy passwords, like the word "password." These so-called hackers are actually very talented computer professionals, considering that most computer users can barely locate the Word document they just saved.

The best hackers spend almost no time breaking into individual computers. Seasoned hackers prefer to break-in to business computers such as those maintained by department stores. They recently stole a very large amount of customer credit card data from a major department store, TJ Maxx.

Stolen mail is actually not the largest source of identity theft, though it is a growing problem in some areas. There has been a dedicated police force fighting that crime for decades: the U.S. Postal Inspector.

Apparently the U.S. Passport Office allows even temporary employees to peak at all the data kept at that bureau. Do you realize how much data you must hand over to get a passport? A very small percentage of people in the U.S. will ever own a passport (less than 10%), so I guess that source of identity theft barely even matters.

It seems the largest source of identity theft does not involve computers. People dig through garbage and copy all the numbers on the paperwork they find. Many years ago an illegal alien told me it takes less than one hour at a small town dump to find a new identity.

I am amazed at businesses that spend money to have a truck come pick up their old paperwork for shredding. Low-paid employees picks up the boxes of paperwork and take them to a building full of low-paid employees running giant paper shredders. Everyone promises never to peek at any of the important papers, ever. How do you know that promise is kept?

According to the Internet Crime Complaint Center, Internet crime is spiraling completely out of control. The amount of money lost in 2007 by the people who complained was over $240 million dollars!!!. Another billion or so dollars was probably stolen but no complaints filed. People are often too embarrassed to admit they lost money though some identity theft scam!

Corporations are spending billions to fight every consumer effort at protecting personal data. In some states a person can block access to part of their credit bureau reports. You have to pay the credit company to turn this data protection service on and off. Big business hates the notion of not being able to spy closely on every single customer. They hate it almost as much as Dick Cheney hates it when Congress tries to stop him from listening to your phone calls.

The bad guys won that battle for privacy.

Congress said Mr. Cheney could spy on U.S. citizens all he wants, with almost no oversight. You can bet Mr. Cheney proceeded to spy on U.S. Congress the day he obtained the approval.

I recently tried to open an IRA account with a very large financial institution (VLFI).
I already had other accounts with that VLFI.
Months ago I linked my account at the VLFI to another VLFI that I do business with.
On April 1st I called the VLFI and asked for help opening the IRA.
The person that answered the phone at the VLFI did not know how to do that. Apparently this person was so new they could not transfer me to another person.

We got disconnected during the call and I called back. Amazingly my call was routed back to the same person I was speaking with before! The things they can do with computers these days!

(NOTE: Businesses are no longer allowed to call customers back, that is considered a security risk. How ridiculous is that?)

The Customer Service Representative was still unable to help me, an existing customer, open the IRA. There must have been some security restriction preventing her from helping me.

The bad guys won that battle, too.

My insurance company has made security so tight at their Internet web site that customers cannot use the site. You need to own the right computer, the right web browser, and be able to answer multiple arcane security questions that change every time. They change your password automatically if you fail more than 3 questions or something along those lines.

They will not give you the new password over the phone or by e-mail. Instead they securely mail the password 5 to 10 days later, to your old address. The new password expires after the first time you use it! Nobody I know can ever jump through all these hoops.

Most people in my family use this same insurance company but we still do it the old-fashioned way, with lots of paper and phone calls. These same relatives do most of their banking on-line and rent videos and renew library books using the Internet. They just cannot access their insurance accounts using the Internet.

Several bank sites I use are gradually pushing me out of their web portals like my insurance company did several years ago. They keep asking more security questions and changing the way I log-on until finally I close the accounts out of frustration.

My VLFI freaks out when I try to access my account using my sister's laptop.

Bad guys won.

The most important question remains this:

How does a company provide adequate customer service when customer identity issues prevent that company from contacting the customer?

Finally the big business that want more people to use the Internet, like Amazon or eBay, are driving customers away by the thousands with their web tactics.

I was reading a news article on a major Internet news site (OK, OK, it was when something very disturbing happened. An advertisement for appeared. The advertisement used my actual first name. The advertisement content was based on several recent purchases from

The news story was also related to those purchases (OK, OK, it was the iPhone made by Apple, Inc.).

What concerned me was that was trying to sell me iPhone accessories by following the news articles I was reading.

In my head I start hearing the theme to Rod Serling's The Twilight Zone.

I ignored this the first time it happened. Later I was researching a purchase and eBay inserted an ad with my eBay account name into the supposedly unrelated search tool I was using. My name appeared with an offer for a used model of something I was shopping for (OK, OK, it was a Nikon D300 camera).

I will no longer make any business or personal purchases using eBay and Amazon. I never really liked it when old girlfriends spied on me to see who I was dating next.

I know businesses are spying closely on me in a vain attempt to get into my wallet. Corporations have billions of euros to spend spying on you and I (the US dollar is worthless now, better change them in for Euros quickly or else use them as, ahem, tissue paper.)

Once a corporation discovers all your personal information do you know what happens next? The bad guys grab that secretly obtained marketing data and steal all your money.

Things are only going to get worse. The banks could care less, they keep sending out fully completely credit card applications. All the crooks need to do is copy your signature from an old sales receipt.

See? The bad guys won the war. Big business and government make it so easy to steal all your money.

Postscript: Overall the bad guys prevented me from doing thousands of dollars of business on-line, just last week. Luckily I was able to take time off work, drive to local, smaller institutions where actual humans that knew me and my business requirements helped me.

TOMORROW: Insurance firms charging millions for identity theft insurance!

No comments: