Identity Theft is reported to be the world's fastest growing crime. In the past, fraudsters would trowel through rubbish bins and letterboxes looking for documents with personal information. Now they simply ask the victims for the information, in the form of phishing scams. Personal information is traded amongst identity thieves. Whilst the phisher's themselves may not use the personal information, it may be sold to identity thieves who will then use it to meet their needs. False credit can provide fraudsters with an anonymous way to survive and financially support illegal operations. Incidence of Identity Theft in the U.S. has grown by more than 40% in 2003 compared to the previous year. The Federal Trade Commission estimates 4.7% of the U.S. population, or 10 Million people were victims of Identity Theft in 2002, with total losses of US$53 billion. Of
this US$5 billion was lost by victims, the remaining losses were picked up by businesses, including financial institutions. [U.S. Federal Trade Commission – Consumer Sentinel Report 2003] 5.What measures can consumers take to protect against the online brokering of their personal data? 1. Personal data must be processed fairly and lawfully Tell people for which purposes the data is being collected, and if applicable, that the data may be sent outside of the EEA (European Economic Area). The most common bases for processing personal data are to enter in a contract (for example contract of sale) or if you have the individual’s consent. Recorded telephone messages are useful tools for enabling these types of message, and can be optional (for example, press 1 to hear the DP message). Notices should be prominent where CCTV is used as these images are covered by the Act and would be in scope for data subject access requests if the images are not overwritten within 40 days. Notify the Information Commissioner (via the online process) that you are processing personal data and for which purposes (there is a notification charge). 2. Personal data shall only be used in accordance with the purposes for which it was collected Ensure data collected for one purpose is not then used for a different purpose. This can be covered off by including all likely purposes in the DP fair processing message. The purposes for collecting the data must be reasonable (and obviously, lawful). 3. Personal data must be adequate, relevant and not excessive Do not collect data just in case it might be useful. 4. Personal data must be accurate and where necessary kept up to date Allow individuals the ability to update their data or to have it updated. This includes marketing communications. It is common practice nowadays for organisations to provide an opt-in approach to marketing (‘tick here if you wish to be contacted for marketing purposes’), and to enable the updating of personal data online.
You've reached the end of your free preview.
Want to read all 13 pages?
- Winter '14
- Credit card, personal data, fraud..