- The Washington Times - Thursday, May 31, 2007

4:15 p.m.

ATLANTA (AP) — ChoicePoint Inc. settled with 43 states and the District of Columbia over accusations it failed to adequately secure consumers’ personal information related to a breach of its database it disclosed in 2005.

The Alpharetta, Ga., consumer data provider has agreed to adopt significantly stronger security measures, including written certification for access to consumer reports and, in some cases, on-site visits by ChoicePoint to ensure the legitimacy of companies before they are allowed access to personally identifiable information.

The breach involved thieves posing as small business customers who gained access to ChoicePoint’s database, possibly compromising the personal information of 163,000 people, according to the Federal Trade Commission.

ChoicePoint collects data on individuals, including Social Security numbers, real estate holdings and current and former addresses. It has about 19 billion records, and its customers include insurance companies, financial institutions and federal, state and local agencies.

ChoicePoint will conduct periodic audits to ensure that companies are using consumer data for legitimate purposes, according to the settlement announced today.

There is no fine, though ChoicePoint will pay $500,000 for state public education campaigns about identity theft.

“This step marks a historic first — the first time a data broker has agreed to safeguard certain sensitive publicly available information, including Social Security numbers, using the same credentialing methods as it uses to safeguard private financial information that is protected by law,” Connecticut Attorney General Richard Blumenthal said.

There was no admission of wrongdoing by the company in the settlement, ChoicePoint spokesman Matt Furman said. Seven states, including Georgia, are not part of the settlement, ChoicePoint said. The other states not involved in the settlement are Kansas, New Hampshire, Rhode Island, South Carolina, Utah and Wyoming.

“The changes we are making as a result of our conversations with the states are clearly good for our business and, we expect, will ultimately be where the entire industry finds itself,” Mr. Furman said. “In fact, we will be watching with interest as the attorneys general expand their focus on these critical issues across every sector of our economy.”

In January 2006, ChoicePoint agreed to pay $15 million to settle Federal Trade Commission charges that the data warehouser’s security and record-handling procedures violated consumers’ privacy rights when thieves infiltrated the company’s massive database.

The FTC fined the company $10 million — the biggest fine the agency had ever imposed — and said ChoicePoint would pay an additional $5 million to compensate consumers.

The federal government is among ChoicePoint’s biggest customers.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide