Lawmakers call for ChoicePoint investigation

A group of Democratic U.S. lawmakers called Thursday for a federal investigation on how terrorists could use information from commercial databases, such as the compromised records thieves obtained from ChoicePoint Inc.

Five Democrats, four of them senior members of congressional committees related to domestic security, called for investigations by the U.S. Department of Homeland Security and the U.S. Government Accountability Office (GAO) after data collection company ChoicePoint announced in February that identity thieves had tricked the company into giving them personal records of up to 145,000 U.S. residents.

The five lawmakers argued, in letters to the two agencies, that foreign terrorists could use information from commercial databases such as ChoicePoint’s to obtain identification that would help them get into the U.S. “With the information that companies like ChoicePoint maintain, terrorists could have a better chance of entering the United States, they could better smuggle finances, and could obtain better cover when preparing to perform terrorist attacks,” wrote Representative Bennie Thompson, a Mississippi Democrat, in a letter to the GAO signed by four other Democrats.

ChoicePoint’s database includes 19 billion public records, including Social Security numbers, military records and motor vehicle registrations, on virtually all U.S. adults. The company sells this information to a variety of groups, including businesses and government agencies performing background checks on potential employees.

ChoicePoint officials say its data was likely obtained by identity thieves who used stolen identities to set up bogus businesses that requested information from the company.

Thompson, the ranking Democrat on the House Committee on Homeland Security, also called on the committee to hold hearings on possible terrorist uses of commercial databases. Senate Judiciary Chairman Arlen Specter, a Pennsylvania Republican, has already promised to hold hearings, and Senator Dianne Feinstein, a California Democrat, introduced a bill in January that would require businesses and government agencies to notify the likely victim when there is a “reasonable basis to conclude” that a criminal has obtained unencrypted personal data.

Among the other Democratic lawmakers joining with Thompson Thursday were Representative John Conyers of Michigan, the ranking Democrat on the House Judiciary Committee, and Representative Zoe Lofgren, ranking Democrat on the House Homeland Security Committee’s Subcommittee on Intelligence, Information Sharing, and Terrorism Risk Assessment.

The lawmakers’ call for an investigation comes a day after the Los Angeles Times reported that two Nigerian men gained access to ChoicePoint’s database in 2002 and used stolen identifies to buy US$1 million in merchandise. It’s unclear whether the company notified affected people at that time, according to the Times story.

ChoicePoint, on advice of its lawyers, is “not going to comment today on anything,” company spokeswoman Kristen McCoughan said Thursday.

Meanwhile, an executive of a vulnerability management firm, called for a national law that would require victims of ID theft to be notified by the companies that lose the data. Pete Stewart, chief executive officer of TraceSecurity Inc., based in Baton Rouge, Louisiana, met with Feinstein’s staff Thursday, and he talked about possible laws to address software vulnerabilties as well as ID theft.

When Stewart’s company finds a vulnerability in software one of its clients uses, TraceSecurity contacts the software vendor. “A lot of times, that (vendor) isn’t very glad to hear us make that call,” he said after his meeting. “A lot of times, there are lawsuits threatened.”

Stewart hopes the ChoicePoint situation will show lawmakers the need for better ID theft protections. The concern that Thompson and other Democrats raised about terrorists using ID theft is realistic, he added. “Let’s hope we never go there, but that’s obviously a very large issue,” Stewart said. “If (a bill) doesn’t pass, you’re going to see more ID theft take place. And it’s going to be more dramatic.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now