June 29, 2005 12:05 PM PDT

ChoicePoint overhaul completed, company says

ChoicePoint, the data broker that leaked information on about 145,000 Americans, says it has completed changes to its business to prevent such a breach from happening again.

"In fact, we've gone beyond our announced commitments to make substantial changes in the past 90 days," ChoicePoint spokesman Dan McGinn said in an e-mail late Tuesday.

The Alpharetta, Ga.-based data broker is clarifying its position after a spokeswoman told News.com on Friday that the transition process was ongoing and that it would be some time before the company could announce its completion.

ChoicePoint revealed in February that scam artists had gotten access to personal data on tens of thousands of Americans, resulting in at least 750 cases of identity theft. The scandal has prompted calls for new legislation to protect consumers' privacy rights.

About a month later, ChoicePoint said its earlier estimate that 145,000 people were affected by the leak may have been low. The company also announced it would exit some parts of the personal data business and that it would sell information only in situations where specific criteria are met. ChoicePoint said at the time that the transition would be "substantially completed" within 90 days, suggesting the effort would be done in early June.

As part of the changes, ChoicePoint said it would no longer sell data to private investigators, debt collectors, or businesses such as check-cashing outfits, unless they are associated with an accredited bank. Additionally, ChoicePoint said it planned to mask sensitive information such as Social Security numbers in its reports.

ChoicePoint also said in March that it would only provide data in three general situations: to support consumer-driven transactions such as those with insurers or employers, or to provide consumers access to their own data; to provide authentication or fraud-prevention tools; and to assist justice agencies.

"ChoicePoint has absolutely fulfilled its obligation to do what it said it would do in the 90-day period," McGinn said, noting that the company has actually gone beyond the goals it initially set for itself.

The company, for example, has created an Office of Privacy, Credentialing and Compliance, which oversees policies regarding the company's compliance with local, state and federal privacy laws, regulations and company policies, as well as the credentialing of customers.

1 comment

Join the conversation!
Add your comment
Still a major privacy breach in progess
The problem is that ChoicePoint is STILL in the business of being a data aggregator, a business that should be patently illegal, either by a private company or government agency. There is no need for any agency, public or private, to acquire every little bit of private information in a KGB-style dossier, unless a planned breach of personal privacy for monetary gain is the objective.
Posted by Too Old For IT (351 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.