Wednesday, June 25, 2008

Cable providers' use of "deep packet inspection" technology called into question over possible privacy concerns

The fourth largest cable provider in the United States has backed away from plans to monitor the communications of its subscribers. Charter says that the data collection efforts would have protected personal information, but obviously that was the greatest concern.

Monitoring could be quite intrusive, and account for every website visited or email sent. It could detect illegal behavior. It sounds like what might happen in less democratic societies (like the monitoring in China or in Muslim countries).

The technology is called “deep packet inspection” and apparently is intended to be used as a research tool to improve customer service, as well as potential sale to marketers interesting targeted “behavioral” advertising. But consumers feel that it could compromise privacy and invite data theft.

The story in The Washington Post today (June 25) is by Peter Whoriskey and is titled “Internet provider halts plan to track, sell user’s surfing data,” link here, on page 1 of the Business Section (D in print).

Please see also the story today (June 25) on Internet advertising issues, also based on a Post story by Whoriskey, on my "main" blog (see my Profile).

Thursday, June 12, 2008

Debit cards generate repeated overdraft charges

Although this tip does not directly relate to consumer identity protection, it seems very important to pass it along.

Consumers using bank debit cards are being hit by repeated overdraft charges in short time periods. One way this happens is when they manually deposit checks (even through ATMs) and the checks are not added to their balance until the next business day, or possibly until cleared, even though the bank balance adds the “pending” amount into the total it displays. When consumers withdraw or spend from these cards in the mean time, particularly over weekends, they may incur successive overdrafts on every charge.

Consumers should also considering asking banks to place maximum daily and point-of-sale withdrawals on debit cards, as a personal security measure.

Monday, June 02, 2008

LifeLock news; we still don't demand enough of lenders

There is a PC World story from late May about the founded or Life Lock, Todd Davis, whose own identity was stolen. The story also relates some complaints about LifeLock, which is a common issue with many startups. You can find it in Travis Hudson’s PC World blog here.

It still seems to me that in practice, one of the best practical protections for identity protection is to stay alert. Keep watch your own accounts online, especially bank accounts where you have a debit card. Keep up with your credit reports. It seems from personal experience that people who are less computer literate or who are not able to get to their personal information because of business travel, especially overseas, or, especially now, volunteer or humanitarian work overseas, have more issues.

I have wondered if there are subtle demographics that makes someone more or less of a “mark.” For example, I have an unusual Eastern European last name. It might be harder to imitate me and get away with it. Although I am not a celebrity in the usual Tinseltown or “Hillary Clinton” sense, I am somewhat well known, enough that it is not easy to get away with replicating me.

Still, as I’ve said many times, we don’t expect enough due diligence and care from lenders and banks. Look at the way they got us into the subprime mess. Is it any wonder they can drop the ball on not checking applicants’ identities carefully? We still need some sort of identity check database (based on NCOA), and I think we can do it without impinging on ordinary privacy or civil liberties.