13.Identity Crisis

Identity Crisis This has been the summer of identity theft. Since May, federal agencies and private companies alike have admitted to exposing millions of Americans to the threat of spoilt credit reports and imbalanced bank statements through sloppy handling of confidential personal data. The recent news is frustratingly typical: Last month the Agriculture Department announced that one of its laptops had vanished -along with personal information about 350 USDA employees on its hard drive and a paper printout of the data. Someone returned the laptop and the printout to a meat plant, but investigators don't know whether any of the profiles had been compromised. This isn't the first trouble the USDA has had with ensuring the security of its workers' information. In June, the agency reported that a hacker had gained access to the records of 26,000 D.C. area employees. And the USDA's foibles are only a fraction of the problem. In May, a Department of Veterans Affairs employee lost a laptop with personal information about 26.5 million people on it. The Federal Trade Commission, the agency responsible for monitoring identity theft, lost two laptops of its own in June with files containing people's financial account numbers. In the past year and a half, about 85 million Americans have received word that their identifying information may have been stolen. These cases should be stern warnings to government and private-sector managers alike. All it takes is one stolen laptop in the hands of the right thief to deal expensive and time-consuming damage to people who did little more than give their Social Security numbers to their employers. According to the FTC, identity theft cost American consumers $5 billion in 2002. Over the past decade, Americans have gotten used to their personal information zipping around cyberspace, and, for the most part, that's a good thing. The growing success of e-commerce, Internet banking and other electronic services in which personal data are exchanged attests to the value of public trust in the security of the information they give out. But government agencies and private companies have to be more careful with Americans' identities. That means doing such basic things as encrypting data taken outside the office or maintaining a functional hacker shield. There also may be room for Congress to help. It can't prevent personal data from being stolen, but it can follow the lead of many states by passing the Data Accountability and Trust Act, which requires prompt notification to those at risk when their data are compromised.