Original Source

Summary

On Wednesday, May 4, 2011, at 9:30 a.m., the Subcommittee on Commerce, Manufacturing and Trade will hold a hearing entitled, “The Threat of Data Theft to American Consumers” in 2322 Rayburn House Office Building. Witnesses are by invitation only.

The purpose of this hearing is to examine risks related to data breaches, the state of ongoing investigations, current industry data security practices, and available technology.

Background

Since this issue of data breach became a common household term in 2005 when hackers gained access to 160,000 consumer records in the ChoicePoint data breach, American consumers have been inundated with reports of data breaches on a regular basis. According to the Privacy Rights Clearinghouse, over 2,500 data breaches implicating nearly 600 million records have been made public since 2005.1,2 In April 2011 alone, the Clearinghouse reports over 30 data breaches occurred at hospitals and medical provider offices; universities; insurance companies; airlines; technology companies; banks; and at the municipal, State, and Federal government levels. These breaches occurred via phishing, theft of computer or other devices, and hacking, impacting a minimum of 99 million records (a number of these breaches impacted an “unknown” number of records).

These records involve various pieces of information that can be used alone or in conjunction with other pieces of information to wreak havoc on a consumer’s financial well-being by using existing lines of credit or establishing new lines of credit, to gain unlawful access to bank accounts, to acquire jobs or government benefits for which they are otherwise not eligible, seek medical care, or use another’s identification in a law enforcement situation. Data breaches often involve unauthorized access to a person’s name, birth date, Social Security number, driver’s license number, credit account numbers, financial account numbers, usernames and passwords, or PIN numbers.

Whether the breach occurs inadvertently through the accidental release of information, in the offline world by loss of a laptop or stolen records, or online via hacking, the results can be disastrous for consumers. The FTC estimates nearly 9 million Americans fall victim to identity theft annually, costing both consumers and businesses tens of billions of dollars each year. While the Identity Theft Resource Center reports that both the cost to consumers has fallen as has the number of hours lost in resolving identity thefts, consumers still lose hundreds of dollars out of pocket and spend dozens of hours on cleanup efforts.

May 4, 2011

The Subcommittee on Commerce, Manufacturing, and Trade subcommittee scheduled hearing on Wednesday, May 4, 2011, at 9:30 a.m. in 2322 Rayburn House Office Building entitled, “The Threat of Data Theft to American Consumers.”

Background Memo

Watch the Archived Webcast

Opening Statements

Opening statement from Commerce, Manufacturing, and Trade Subcommittee Chairman Mary Bono Mack

Witness List

Panel One

David Vladeck
Director Bureau of Consumer Protection
Federal Trade Commission
Written Testimony (Truth in Testimony Form)

Pablo Martinez
Deputy Special Agent in Charge
Criminal Investigative Division, U.S. Secret Service
Written Testimony (Truth in Testimony Form)

Panel Two

Justin Brookman
Director Consumer Privacy Project
Center for Democracy and Technology
Written Testimony (Truth in Testimony Form)

Dr. Gene Spafford
Executive Director
Purdue University
Written Testimony (Truth in Testimony Form)