I'd like to thank my friend Michael in Oakland for alerting me to this article. Dow Jones MarketWatch reported the following about the current state of credit monitoring and credit resolution services for consumers:
"Plenty of products promise to help consumers avoid identity theft, but none of them is foolproof. If a product claims to prevent identity theft, that should raise red flags for consumers, said Linda Foley, founder of the Identity Theft Resource Center in San Diego. "You can't protect a person from identity theft. It's impossible. All we can do is minimize our risk." And, while these products can reduce your likelihood of becoming a victim, many employ methods that consumers can use on their own, for free."
Finally, somebody is telling it like it is. After IBM exposed my sensitive personal data, I took that as an opportunity to learn about data breaches and the current identity theft marketplace. Since then, I've looked at many of the credit monitoring services for consumers which are available from banks, independent companies, and the credit bureaus. I've reached the same conclusion as the ITRC: there's some protection to reduce a consumer's risks.
The MarketWatch article also discussed the new Security Freeze tool, which is available nationwide from the national credit bureaus:
"Consumers can freeze their reports by calling each of the three agencies. It generally costs $10 to place a freeze ($30 to freeze all three major reports) and $10 to lift each freeze (these costs are sometimes waived.) For more details, visit FinancialPrivacyNow.org. Or, you can pay for a product that includes a credit freeze, such as offered by TrustedID and others."
Well, that's mostly accurate. The fees vary by state. In my state, Massachusetts law limits the Security Freeze fees to $5.00 at each credit bureau; and Security Freezes are free for ID-theft victims (who can prove this with a copy of a filed police report). While a Security Freeze provides consumers with stronger protection than a Fraud Alert, there clearly are limits.
First, the Security Freeze tool from credit bureaus does not cover C.L.U.E. insurance reports. Consumers must do business separately with Choicepoint, a major provider of C.L.U.E. reports. Choicepoint offers Security Freezes in only about eight states: CO, DC, DE, ME, MT, NH, NJ, and NC. Naturally, you'd expect Choicepoint to offer a nationwide Security Freeze like the credit bureaus, but they don't. Consumer-focused doesn't appear to be a priority for Choicepoint. Second:
"Freezes don't stop thieves tapping existing credit or bank accounts, nor do they address other identity theft, such as when a thief provides your name as his identity when pulled over for a traffic violation."
The use of stolen identities during a crime is a huge problem which the identity protection industry hasn't solved. When criminals use stolen identification during a crime, it's that ID-theft victim who suffers, not just the criminal when (and if) caught. The victim may be jailed temporarily while identification mistakes are resolved, fined, or both.
Plus, this can happen in any country, since stolen identities are sold online worldwide. For example, look at the global trail of stolen credit cards numbers after the TJX/TJ Maxx data breach. Or, read about this ID-theft victim who was jailed after a criminal used his stolen identity during a crime. Consider this: the next time you travel abroad you could be detained by Customs in another country if a criminal has used your stolen identity during a crime in that country. I haven't read a news report (yet) about this, but the risk to consumers is real since stolen identities are traded online worldwide.
If you think that existing identity protection insurance and resolution services will help in these instances, think again:
"Identity-theft insurance helps cover the costs associated with the crime. Your homeowners or renters insurance, or your bank account, may include such insurance already, so check before purchasing. Consumer advocates say the value of such insurance is
debatable, since financial losses are often not extensive and credit-card companies generally cover consumers' losses. Still, insurance could be useful if the policy covers debit-card losses and lost wages due to
your time spent resolving the crime... As for victim resolution services, some nonprofit and state agencies
will help for free, though the services companies sell may offer valuable convenience."
This situation will only improve when consumers pressure their elected officials to enact stronger laws about identity theft which hold companies accountable for data breaches, the punishment and sentencing of identity criminals, and legislation which covers new forms of identity theft such as skimming and house stealing. It will also require some coordination between countries.
If you are detained or jailed in a foreign country due to identity theft, I don't see any of the current ID-theft resolution services helping consumers. If you agree that this situation is scary and unacceptable, write to your elected officials today.