Identity Theft Task Force Report - A Look at the 31 Recommendations

The release of the President's Identity Theft Task Force report on April 23 with its 31 recommendations has implications for financial institutions.

While the report also focuses on increased law enforcement crackdowns on identity theft and the prosecution of the criminals who perpetrate this crime, the need for increasing the education of the consumer about the perils of identity theft near the top of the list of recommended actions. Financial institutions have been educating their customers about identity theft for many years, but now this comprehensive plan will push even higher on the list of must-do's for all institutions.

The leading federal agencies in the President's Identity Theft Task Force are the Department of Justice and the Federal Trade Commission. "The strategic plan recommends 31 measures containing scores of more specific recommendations some are already in place. Others we will implement within the next year," said Deborah Platt Majoras, Chairman of the Federal Trade Commission and co-chair of the Identity Task Force with Alberto Gonzalez, US Attorney General. The recommendations in the task force report spans all sectors of the economy and they target the entire life cycle of identity theft, from access to sensitive consumer data, to its acquisition, to its misuse to the investigation and prosecution of the criminals and to the victim's recovery. She noted that 15,000 to 20,000 consumer complaints filed with the FTC every week are about identity theft.

"As we continue to learn from our work, one thing is clear. Only a coordinated approach will have the reach and impact necessary to effectively attack this crime," Majoras continued. In her comments during the announcement of the report, Majoras referred to a recent survey conducted that showed 97 percent of the respondents worry about identity theft.

Majoras explained that while consumers and businesses embraced the new technologies and communication modes, the criminals also were quick to use the same avenues to steal personal information. "We are catching up, many federal agencies, businesses and other organizations have increased their efforts to safeguard sensitive data."

She noted that strong criminal enforcement is key to stem identity theft, and it has been increasing. "But we are not yet satisfied. Data security breaches remain common, and schemes for committing id theft are growing more sophisticated. Protecting the security of consumer's personal data cannot be an afterthought. It must be organically incorporated into every organization's procedures and into every American's habits."

Majoras provided a few examples of the actions named in the report in general terms, the plan calls for a reduction of unnecessary use of social security numbers in the public sector; to better protect data that must be held by federal government agencies; to establish national safeguards to require private sector entities to protect consumers' personal data and to notify consumers of certain breaches. The task force wants to implement a broader education campaign to educate consumers who are often the first line of defense and the public and private sectors on how to deter, detect and defend against ID theft; and finally, create a national identity theft law enforcement center to allow more efficient and effective law enforcement against this crime. Below is the list of recommendations, some have been implemented, some will be implemented relatively quickly; others will take time and coordination between the government and the business sector.

The Identity Theft Task Force's 31 Recommendations

  • Decrease the Unnecessary Use of Social Security Numbers in the Public Sector by Developing Alternative Strategies for Identity Management
  • Educate Federal Agencies on How to Protect Data; Monitor Their Compliance with Existing Guidance
  • Ensure Effective, Risk-Based Responses to Data Breaches Suffered by Federal Agencies
  • Establish National Standards for Private Sector Data Protection Requirements and Breach Notice Requirements
  • Develop Comprehensive Record on Private Sector Use of Social Security Numbers
  • Better Educate the Private Sector on Safeguarding Data
  • Initiate Investigations of Data Security Violations
  • Initiate a Multi-year Public Awareness Campaign
  • Develop Online Clearinghouse for Current Educational Resources
  • Hold Workshops on Authentication
  • Develop a Comprehensive Record on Private Sector Use of SSNs
  • Provide Specialized Training About Victim Recovery to First Responders and Others Offering Direct Assistance to Identity Theft Victims
  • Develop Avenues for Individualized Assistance to Identity Theft Victims
  • Amend Criminal Restitution Statutes to Ensure Victims Recover the Value of Time Spent in Trying to Remediate the Harms Suffered
  • Assess Whether to Implement a National System That Allows Victims to Obtain an Identification Document for Authentication Purposes
  • Assess Efficacy of Tools Available to Victims
  • Establish a National Identity Theft Law Enforcement Center
  • Develop and Promote the Use of a Universal Identity Theft Report Form
  • Enhance Information Sharing Between Law Enforcement and the Private Sector
  • Encourage Other Countries to Enact Suitable Domestic Legislation Criminalizing Identity Theft
  • Facilitate Investigation and Prosecution of International Identity Theft by Encouraging Other Nations to Accede to the Convention on Cybercrime
  • Identify Nations that Provide Safe Havens for Identity Thieves and Use All Measures Available to Encourage Those Countries to Change Their Policies
  • Enhance the United States Government's Ability to Respond to Appropriate Foreign Requests for Evidence in Criminal Cases Involving Identity Theft
  • Assist, Train, and Support Foreign Law Enforcement
  • Increase Prosecutions of Identity Theft
  • Conduct Targeted Enforcement Initiatives
  • Review Civil Monetary Penalty Programs
  • Close the Gaps in Federal Criminal Statutes Used to Prosecute Identity Theft-Related Offenses to Ensure Increased Federal Prosecution of These Crimes
  • Ensure That an Identity Thief's Sentence Can Be Enhanced When the Criminal Conduct Affects More Than One Victim
  • Enhance Training for Law Enforcement Officers and Prosecutors
  • Enhance the Gathering of Statistical Data Impacting the Criminal Justice System's Response to Identity Theft

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network