Privacy Incursions Increase Identity Theft Risk

By Dawn Handschuh, Personal Finance Writer Archive

It's not just Big Brother watching you — there's a crowd of onlookers peering over your shoulder.

They want to know who you are, where you live, what you buy, what you make, how you vote, and much, much more. Data mining is liberally used by corporate America as well as federal and state governments to obtain personal information for a variety of purposes.

What's the harm? Privacy issues are closely tied to identity theft concerns. Once you provide personal information, whether you're making an online purchase, supplying your Social Security number to your doctor's office, or opening a bank account, you may well lose the ability to control who can access your information, how it's used, and where it's distributed.

Handing over sensitive information is like opening Pandora's box — once you disclose personal details, you can never take it back. The more often you make this information freely available, the greater the chances it will fall into the wrong hands and be misused. Stories about both corporate and government databases being hacked into by cyber-criminals have now become commonplace. Often, you may not even be aware your information is being sold or shared with others because it's routinely collected from you during the course of normal transactions, say, when buying an insurance policy.

Corporate data-mining

Although the Gramm-Leach-Billey Act of 2001 requires financial institutions, like banks and credit card issuers, to issue written privacy policies, most people don't read the fine print, which by law must offer an "opt-out" procedure for those who don't wish their personal financial information to be shared with other companies.

Many private retailers use data mining to analyze customer purchase patterns and increase sales, for example, by using purchase records to target promotions to specific customer segments.

One supermarket chain used data mining to learn that when men bought diapers on Thursdays and Saturdays, they also tended to buy beer. The grocery chain responded by moving the beer display closer to the diapers.¹

Patient privacy rights

Some states have tried to limit pharmaceutical-industry access to patients' prescription-drug information by letting doctors "opt out" of having their prescriptions used for pharmaceutical marketing. (Data collection firms purchase prescription records from pharmacy chains and doctor information from the American Medical Association. They sell this information to pharmaceutical companies who use the data to fine-tune their marketing.²)

State laws that were passed in three New England states — Maine, New Hampshire, and Vermont — were successfully challenged by the pharmaceutical data-mining industry in 2007; several pivotal court rulings are expected this summer.³

Federal student-privacy laws

Sometimes, existing laws intended to address other concerns contain requirements that compromise privacy. The No Child Left Behind Act, an educational reform law, requires public high schools that receive federal funding to provide military recruiters the same access to students as that provided to college recruiters. This means releasing the names, addresses, and telephone numbers of students to military recruiters upon request, unless the student's parents have opted out.

In today's world, preserving your personal privacy goes hand-in-hand with protecting yourself from identity theft. So the next time an application requests your Social Security number, your marital status, or your mother's maiden name, don't comply without questioning the need and relevancy of every request.

Footnotes

¹ "What is Data Mining?" University of California at Los Angeles, Anderson School of Management
² "Drug Info Firms Target Prescriber Data Laws," Commercial Alert, September 25, 2007
³ "Prescription Restraint Laws Challenged," IMS Health, Inc.