By Jonathan Krim
Washington Post Staff
Writer
Tuesday, June 14, 2005; Page D01
Private investigators are
working to
blunt legislation that cracks down on the active marketplace for Social
Security numbers, telling Congress that restricting access to the
numbers will
hurt their business and hamper their investigations.
Several bills are moving
through the
Capitol to prevent identity thieves from getting Social Security
numbers to
gain access to consumers' financial accounts. In the past year, the
Social
Security numbers of tens of millions of Americans have been exposed
through
personal data being lost, stolen or hacked.
But private investigators
contend that
the rush to protect privacy goes too far and would damage their ability
to
deliver valuable services, such as locating people who skip out on
debts,
commit fraud or want to avoid testifying in court.
In a lobbying blitz, trade
associations
representing roughly 40,000 licensed private investigators are
exhorting their
members to "please do something, or we will have nothing" by writing
to Congress and state legislatures, many of which also are moving to
curb the
availability of Social Security numbers.
Representatives of private
investigator
groups discussed lobbying strategy last month with several data brokers
--
companies that buy and sell personal information -- at a meeting hosted
by
ChoicePoint Inc., one of the country's largest such firms.
According to a summary of the
meeting
circulated to online news groups frequented by private investigators,
"PIs
and data provider companies are committed to a massive lobbying effort
to
educate our legislators on the ill effects of truncating data to
licensed
investigators."
But the investigators also are
worried
about large data brokers themselves, which routinely buy and sell
personal data
but have taken their own steps to restrict access to Social Security
numbers in
the wake of breaches at their firms.
Two of the largest,
ChoicePoint and
LexisNexis Group, now sell only partial Social Security numbers to
several
types of businesses, including private investigators.
"We think they can do their
jobs
without" full Social Security numbers, said James Lee, chief marketing
officer of ChoicePoint. He confirmed most of the account of the
lobbying
meeting.
Private investigators also
have other
ways of profiting from their access to such information. Some have
ongoing
subscriptions for data from brokers and maintain Web sites offering to
resell
the data to the public. Most of the subscription contracts prohibit
such
resale, and many data brokers now are requiring private investigators
and other
clients to recertify their credentials.
Brian P. McGuinness, president
of the
Baltimore-based National Council of Investigation and Security
Services, said
the large data brokers that decided to limit private investigators to
partial
Social Security numbers were being "a bit disingenuous," and were
simply trying to stave off stricter regulation by Congress.
Instead, he said, the policy
will make it
harder for private eyes to distinguish between people who have the same
or
similar names.
McGuinness
said his group is hoping for an exception to limits on Social Security
numbers
similar to one investigators enjoy in a 1994 law that restricts the
sale of
driver's license data.
"There
are some problem children in every profession," McGuinness said,
referring
to investigators who indiscriminately resell data. His organization
supports
legislation that would prohibit reselling of Social Security numbers to
the
general public online, he said.
Other
information brokers are not truncating Social Security numbers for
private
investigators.
"I
think they are an extension of law enforcement," said Terry Kilburn,
chief
operating officer of Tracers Information Specialists Inc. of Florida,
which
also advertises data available to the public on its Web site.
He
said that because his firm has amassed and combined data from a variety
of
public and private sources over many years -- including mega-brokers
such as
ChoicePoint -- he is rarely bound by their resale restrictions.
For
their part, the large data brokers say they support identity-theft
legislation
but are working quietly with banks and other financial services
companies --
also the source of several recent breaches -- to shape the bills.
Most
of the bills introduced would require that organizations notify
customers if
their information is breached, similar to a California law credited
with
forcing ChoicePoint and others to reveal their cases in recent months.
The
industry supports the position of the head of the Federal Trade
Commission,
Deborah Platt Majoras, which is to limit the disclosure requirement to
instances in which the organization believes the breach could result in
identity theft.
Privacy
groups argue that such an exemption is a loophole, because firms might
not
always know if the breach could lead to theft and would have little
incentive
to say so.
The
industry also wants one federal law that would supersede a potential
patchwork
of state laws. Consumer groups support that approach only if the
national bill
is strong.
Other
bills would provide incentives to the industry to encrypt data that
they keep
in storage, making it more difficult to use the information if it is
lost or
stolen.