On Tue, 2005-04-19 at 15:44 -0400, Alex Rubenstein wrote:
I think that these conpanies (lexis nexis, ameritrade, whoever) should be held *criminally* liable for things like this.
How long until something like the social security administration has an announcement like this? Or, Experian? Transunion? D&B?
This problem is made more intractable by not being able to reassign identifiers, such as your social security number, or your drivers license. If the Federal government were to provide a national ID that was 15 digits randomly assigned, and would associate with a name for confirmation. Once the number/name is shown to be abused, allow the individual to obtain a different number. The Feds would return MATCH, ABUSED, or INVALID on an ID query. Even guessing a valid number would be right once every 3 million guesses. Also checking against the name would make this rather difficult to abuse. Offering an ABUSED ID would be grounds to summon the authorities. By allowing the individual to report their number as being abused and having it reassigned, would make catching criminals that use purloined data far easier. -Doug