Print

Email story

Comment

Email editor

Your life exposed

A thriving industry is out there collecting and selling information on nearly everyone.

By DAVE GUSSOW
Published March 20, 2005

The paper trail begins early, with a birth certificate and Social Security number.

Over the years, the dossier grows. Education. Driving. Voting. Jobs. Credit. Marriage. Kids. Property.

You name it and there's a record of it somewhere, most likely at a courthouse or government agency.

In simpler times, viewing any of these snapshots of any one person took some exercise. Someone had to visit an office, copy a piece of paper. The digital age put much of that information in electronic form, and it was the digital economy that turned it into an industry.

You may have a passing interest in all the things that are recorded in your name, but others want it so much they're willing to pay for it. Marketers and businesses want to sell you stuff. Employers want to know your background for hiring decisions. Creditors want to check you out when you apply for loans. And that's just for starters.

There's a reason why you can walk into a car dealership with little more than a photo ID and drive a new car off the lot in about the time it takes to eat a nice lunch. You are an open book.

And collecting the pages is good business. The industry is too splintered with small, private companies to get a solid handle on its overall value, but one of the largest companies is publicly traded ChoicePoint Inc. Like other so-called information brokers, ChoicePoint makes money by accumulating, packaging and then selling nuggets of information about consumers to a wide range of companies, from marketers to media. In 2004, ChoicePoint had revenues near $1-billion.

"We look at this in essence as an information food chain," said Michael Sankey, founder and chief executive of BRB Publications, which publishes source books about public records. "The basic starting point is at the government level."

Sankey says about 26,000 entities, mostly government agencies, deal in personal information. Though there are thousands of private vendors in the information business, he categorizes only about 250 of those as major players with their own databases.

The industry has been around for some time, but lately it has gotten a lot of attention. It started when ChoicePoint, based in Alpharetta, Ga., acknowledged that it had been duped last year by a phony company into providing a crime ring with the personal information, such as Social Security numbers, of 145,000 people, including 10,000 Floridians. Criticism peaked when it was discovered that ChoicePoint waited for months before notifying victims that sensitive information about them had been stolen.

Then this year, hackers gained access to LexisNexis' computer system, which carried information similar to what ChoicePoint collected, and stole personal data on 32,000 people. Bank of America lost computer tapes with Social Security numbers and account information of 1.2-million federal employees. Burglars broke into a Nevada Department of Motor Vehicles office, taking a computer with information and photos of 8,900 people.

Now, the industry has everyone's attention. Congress held hearings last week, calling in executives from ChoicePoint and LexisNexis to answer questions and to hear lawmakers opine about the need to add regulations to a business that has gone largely unmonitored.

U.S. Rep. Edward Markey, D-Mass., likened the unregulated sale of personal information to a bazaar in Bombay. "Right here, get your Social Security numbers!" he said at last week's hearing. "Medical records, employment history, cheaper by the dozen!"

All the industry executives could do was apologize for the lapses and agree to support some regulation, though not a lot.

While there are laws that regulate how some data are handled, such as the Fair Credit Reporting Act that is supposed to limit credit information to legitimate companies and provides consumers with avenues for correcting inaccurate information on their credit report, overall there is little oversight of the industry.

"A lot of people are finding ways around these laws and trying to make a buck," Sankey said. "The legitimate companies attempt to follow these laws. . . . With the advent of the Internet, now you have anybody who can put together a Web page and find a way to buy records from a big vendor calling themselves information brokers."

Sankey says companies can vary from specialists, such as CarFax, which sells vehicle histories to potential buyers, to regional operations that try to collect as much information from courts and state agencies in a particular geographic area.

How do these companies get the information? Often, they buy it. Last year, ChoicePoint, for instance, paid the state of Florida $13.7-million for a database of driver histories.

"Some of these vendors only sell their information to the consumer reporting agency groups," Sankey said. "Some sell to end users."

Beth Givens, director of the Privacy Rights Clearinghouse, says the explosion in the number of companies dealing with data has people understandably concerned, but there's little an individual can do to control it.

"Individuals are finally waking up to the fact that there's this whole industry out there that's selling robust data profiles on just about every American adult," Givens said.

Among things Givens would like to see is restricting some personal information, such as Social Security numbers and some details in family law cases, from public records. But she does not advocate restricting public records.

"The whole point of being public is that we the people can judge the government and make sure there's fairness and justice," she said.

There are data companies in almost every state, including some in the Tampa Bay area. While ChoicePoint may have made people question the whole industry, others say they're doing important work. And despite Markey's hyperbole about the marketplace, those in the industry say that's not how it works.

Owens OnLine in Tampa does background and credit checks for clients around the world, including Fortune 500 companies, says Mark Owens, the company president. It also sells data to other background screening companies and even government agencies.

While Owens described his business' growth in recent years as sizable, he declined to give specifics for competitive reasons. But he does have views of the proposals in Congress and the industry.

"If you want a free society, you have to have an open society of information," Owens said. "The benefits outweigh the occasional problems."

If Congress bans the sale of Social Security numbers, Owens says, something else will take its place. "We need a number to identify our citizens so we are sure we have the right one," Owens said.

He agreed that some regulation may be necessary. For example, Owens says Social Security numbers can be bought online for as little as $2.50. "You shouldn't be able to do that."

But restricting companies from doing thorough background checks can be risky, too.

"We can't legislate protection for every incident," Owens said. "People have to understand that technology is crashing into our comfort zone. You're nervous because you don't know who's on the other end of the computer."

Adding to the nervousness is the reality of identity theft. The Federal Trade Commission estimates annual losses at more than $50-billion, with about 10-million people a year victimized.

According to an analysis by Vontu Inc., a data security company, 95 percent of the incidents involving data loss were unintentional, caused by human error, such as carelessness or inadequately trained staff.

"We're never going to have 100 percent security," said Joseph Ansanelli, Vontu's chief executive and one of the witnesses who testified at a congressional hearing last week.

That's of little comfort to the thousands of people whose information was lost or taken in the recent incidents. While about 750 people already have reported identity theft problems coming out of the ChoicePoint case, for example, experts say others will have to monitor their data for years.

ChoicePoint has offered to pay for a year of credit monitoring for people affected, but critics say that is not enough. The company would not commit at last week's hearings to bolster the offer.

"We've had a number of calls from people who have received this offer who say it's completely inadequate," said Peter Binkow, an attorney with Glancy, Binkow and Goldberg in Los Angeles who has filed a suit on behalf of Eileen Goldberg, one of the victims and the mother of one of the firm's partners.

Binkow says other victims have contacted the firm, some seeking information and some offering to be part of what he hopes will become a class-action suit.

"A lot of people are angry," he said.

Information from Times wires and files was used in this report. Dave Gussow can be reached at 727 771-4328 or gussow@sptimes.com

BRB Publications: www.brbpub.com

ChoicePoint: www.choicepoint.com

Owens Online: www.owens.com

Privacy Rights Clearinghouse: www.privacyrights.org

Vontu: www.vontu.com

[Last modified March 19, 2005, 08:44:21]