Network News

X My Profile
View More Activity

ChoicePoint to Pay $15M for Privacy Violations

Atlanta-based data aggregator ChoicePoint today agreed to pay $15 million to settle charges that it violated federal consumer protection laws when it allowed criminals to purchase sensitive financial and personal data on at least 163,000 Americans.

The settlement addresses a pair of lawsuits filed against ChoicePoint by the Federal Trade Commission and represents the largest civil penalty ever obtained by the agency.

Last February, ChoicePoint acknowledged that crooks had gained access to thousand of consumer records by posing as legitimate businesses. The FTC said the company violated the Federal Trade Commission Act, which prohibits unfair and deceptive business practices, as well as the Fair Credit Reporting Act, which requires companies that sell consumer credit reports to verify that those buying the information have a "permissible reason" for doing so.

Under the agreement, ChoicePoint will pay a $10 million civil fine and contribute $5 million to a fund that will be distributed to consumers directly affected by the incident. FTC Chairman Deborah Platt Majoras said the agency has identified at least 800 consumers who experienced identity fraud as a direct result of the ChoicePoint breach.

"Companies like ChoicePoint are realizing that it is a bad business practice to ignore the security of consumer data," Majoras said. The settlement, she said sends the message that companies that deal in consumer data "must guard the front door -- through procedures for verifying and identifying customers -- as well as guard the backdoor against hackers."

The settlement requires ChoicePoint to conduct physical site visits of new and existing customers; to conduct security risk assessments and audits with a designated third party every two years until 2026.

For background on the ChoicePoint case, read: "ChoicePoint Data Cache Became a Powder Keg: Identity Thief's Ability To Get Information Puts Heat on Firm" (Post, March 5, 2005), and "ChoicePoint Victims Have Work Ahead: Eternal Vigilance Is Price of Credit" (Post, Feb. 23, 2005).

See also ChoicePoint's consumer privacy Web site.

By Brian Krebs  |  January 26, 2006; 12:06 PM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: T-Mobile Sues Cell Phone Record Diggers
Next: Letter from BlackHat Federal

No comments have been posted to this entry.

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company