Change is not a surprising thing in the world of technology (in fact, it is what we expect), but the really big surprise in 2006 was that our traditionally sleepy-eyed industry finally awoke from its near comatose state to sit up and take notice of what could be some critical developments.
How’s this for a wakeup call? When ChoicePoint Inc., a major supplier of data to the insurance industry, was hit with a record $10 million fine by the Federal Trade Commission for an “alleged” data breach, it suddenly became clear to us that the federal government really is serious about all that regulatory stuff and that failure to protect consumers’ sensitive data will at least get you fined–and might get you some time in the slammer.
And the ChoicePoint story didn’t end there. Just last month, the FTC announced it was sending claims forms to some 1,400 consumers it believes may have been damaged by identity theft related to the ChoicePoint breach. It is also inviting others who believe they may have sustained expenses due to the incident to file claims. The claimants–at least those who are judged to have legitimate claims–will ostensibly have a share in an additional $5 million that ChoicePoint had to post with the FTC in order to offer affected consumers some sort of redress.
One wonders whether the $5 million will be sufficient to cover the suffering, loss and inconvenience experienced by the victims here. Should it not be enough, it is not inconceivable that additional lawsuits will follow.
In a related event, August saw the arrest and indictment of a programmer/consultant to Sentry Insurance, Stevens Point, Wis., on identity theft and fraud charges resulting from his alleged theft of 111,000 individuals’ personal data from the company’s systems.
Although the alleged perpetrator was identified, it was interesting (and disturbing) to note that neither Sentry, nor the prosecutor, nor the defense would name the consulting firm for which the defendant worked. The only thing we do know is that it was “a nationally recognized computer consultant.”
Despite the unspoken gag order, however, it wouldn’t be surprising to see insurance companies, brokers and others who use the services of computer consultants doing extremely thorough background checks on such consultants. Maybe that’s a good thing in an era where technologically-aided crime and fraud are growing faster than our ability to control them.