Senator Patrick Leahy (D-VT) took a moment during a Senate hearing to acknowledge the benefits to consumers compiled information has offered. But he took several moments to needle data compilers for sloppy security practices – including those of ChoicePoint and Bank of America by name. Within the last month, both of those companies revealed that consumer data entrusted with them had fallen into unauthorized hands.
In light of this, Leahy suggested that Congress consider privacy and security concerns when doling out federal contracts.
“ChoicePoint’s bread-and-butter business includes identity verification and screening to help corporate America, as they say, ‘know its customers,’” Leahy said. “Well this company failed to know its own customers. It sold personal information on at least 145,000 Americans to criminals posing as legitimate companies. It was an irresponsible violation of the fiduciary relationship they have with their customers.”
Leahy is no outside observer to these breaches: His credit card data was among that of 1.2 million Department of Defense workers contained on five Bank of America data files that were lost in transit in late December. And he had harsh words for Bank of America, which earlier this week said that it used commercial airliners to transport the data tapes that disappeared.
“We now understand this type of transport is routine not only for them but for the entire industry,” Leahy said. “I don’t know what these people are thinking. Mr. Chairman, you and I travel commercially. We travel a lot. We’ve had our suitcases lost, and they think that a suitcase full of some of the most important data on their customers couldn’t get lost, too? And can you imagine how disillusioned their customers must feel when they realize Bank of America didn’t care any more about them then to let that happen.”
The Green Mountain State Senator noted that companies that allow consumer records to slip into malicious hands often don’t suffer as much as the consumers whose identity has been stolen do. “At the end of the day, when things go south, it is the consumer that bears the brunt of the harm,” he said.
“It might prove useful for Congress to consider the extent to which a company’s privacy and security practices are qualifying factors in securing federal contracts, including appropriate penalties in the contract procurement process for any failures,” Leahy concluded.
Network
