News
News
1/27/2006
10:59 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

FTC Sends Message With $15 Million ChoicePoint Fine: Protect Customer Data

But is it enough? The $10 million civil penalty portion is the highest fine in FTC history, but paltry compared to the $50 million fine McAfee was ordered to pay the Securities and Exchange Commission earlier this month for allegedly overstating earnings statements.

Fifteen million dollars in fines, plus regular data security audits and mandated changes to business practices. That's how ChoicePoint Inc. will have to settle charges that its security and record-handling policies were illegal and violated consumer privacy rights when it unwittingly sold 163,000 customer records to fraudsters. And it's a message the Federal Trade Commission hopes to send to companies that don't keep adequate stock of their customer data.

It may seem paltry next to the $50 million fine McAfee was ordered to pay the Securities and Exchange Commission earlier this month for allegedly heavily overstating earnings statements or the $11.2 billion lawsuit against a Florida spammer several weeks ago. But the $15 million in fines is still a lot of money, and the $10 million civil penalty portion of that is the largest single fine in FTC history. In comparison, the state of California last year fined a division of Kaiser Permanente $200,000 for a breach that affected only 150 customers. Some states have fines built into their own data security laws. For example, in Florida, a 2005 law makes companies pay $1,000 for each day they fail to report customer data breaches.

Data breaches like ChoicePoint's and the CardSystems Solutions thievery of 40 million credit card numbers polluted the landscape last year, and the trend has continued anew in January. Earlier this month, UPS lost a tape containing information on 90,000 People's Bank customers in Connecticut. Yesterday, investment advisory house Ameriprise Financial announced that lists containing personal data—including account and Social Security numbers—of 226,000 customers and employees had been stolen in the form of an unencrypted personal laptop.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.